Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-3807 (GCVE-0-2021-3807)
Vulnerability from cvelistv5 – Published: 2021-09-17 00:00 – Updated: 2024-08-03 17:09
VLAI?
EPSS
Summary
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
Severity ?
7.5 (High)
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chalk | chalk/ansi-regex |
Affected:
unspecified , < 6.0.1
(custom)
Affected: unspecified , < 5.0.1 (custom) Unaffected: 5.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:08.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221014-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "chalk/ansi-regex",
"vendor": "chalk",
"versions": [
{
"lessThan": "6.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "5.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221014-0002/"
}
],
"source": {
"advisory": "5b3cf33b-ede0-4398-9974-800876dfd994",
"discovery": "EXTERNAL"
},
"title": "Inefficient Regular Expression Complexity in chalk/ansi-regex"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2021-3807",
"datePublished": "2021-09-17T00:00:00",
"dateReserved": "2021-09-16T00:00:00",
"dateUpdated": "2024-08-03T17:09:08.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ansi-regex_project:ansi-regex:*:*:*:*:*:node.js:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndExcluding\": \"4.1.1\", \"matchCriteriaId\": \"AD9CD917-1204-4B9C-960B-A6CF0380E660\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ansi-regex_project:ansi-regex:3.0.0:*:*:*:*:node.js:*:*\", \"matchCriteriaId\": \"9F3A897D-6080-4F7A-8913-A11F0E9E7C8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ansi-regex_project:ansi-regex:5.0.0:*:*:*:*:node.js:*:*\", \"matchCriteriaId\": \"E67C63BE-EF70-4794-92BF-CF0323DB2AF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ansi-regex_project:ansi-regex:6.0.0:*:*:*:*:node.js:*:*\", \"matchCriteriaId\": \"0A72DB85-ED1D-4A67-9E13-E57A08185A47\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4367D9B-BF81-47AD-A840-AC46317C774D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"ansi-regex is vulnerable to Inefficient Regular Expression Complexity\"}, {\"lang\": \"es\", \"value\": \"ansi-regex es vulnerable a una Complejidad de Expresiones Regulares Ineficientes\"}]",
"id": "CVE-2021-3807",
"lastModified": "2024-11-21T06:22:29.500",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV30\": [{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-09-17T07:15:09.273",
"references": "[{\"url\": \"https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\", \"source\": \"security@huntr.dev\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\", \"source\": \"security@huntr.dev\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221014-0002/\", \"source\": \"security@huntr.dev\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"security@huntr.dev\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221014-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3807\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2021-09-17T07:15:09.273\",\"lastModified\":\"2024-11-21T06:22:29.500\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ansi-regex is vulnerable to Inefficient Regular Expression Complexity\"},{\"lang\":\"es\",\"value\":\"ansi-regex es vulnerable a una Complejidad de Expresiones Regulares Ineficientes\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ansi-regex_project:ansi-regex:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.1.1\",\"matchCriteriaId\":\"AD9CD917-1204-4B9C-960B-A6CF0380E660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ansi-regex_project:ansi-regex:3.0.0:*:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"9F3A897D-6080-4F7A-8913-A11F0E9E7C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ansi-regex_project:ansi-regex:5.0.0:*:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"E67C63BE-EF70-4794-92BF-CF0323DB2AF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ansi-regex_project:ansi-regex:6.0.0:*:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"0A72DB85-ED1D-4A67-9E13-E57A08185A47\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4367D9B-BF81-47AD-A840-AC46317C774D\"}]}]}],\"references\":[{\"url\":\"https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\",\"source\":\"security@huntr.dev\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221014-0002/\",\"source\":\"security@huntr.dev\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221014-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2022-AVI-510
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Data Synchronization App versions ant\u00e9rieures \u00e0 3.0.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2021-22940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2021-22930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-22918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2021-22939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2021-22931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-510",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6590981 du 31 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6590981"
}
]
}
CERTFR-2022-AVI-928
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | IBM QRadar Pulse App versions antérieures à 2.2.9 | ||
| IBM | N/A | CP4BA version 22.0.1 sans le correctif de sécurité CP4BA 22.0.1-IF2 | ||
| IBM | Cloud Pak | IBM Robotic Process Automation pour Cloud Pak versions antérieures à 21.0.5 | ||
| IBM | N/A | IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de sécurité CMIS 3.0.6-IF2 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 FP6 | ||
| IBM | N/A | CP4BA version 21.0.3 sans le correctif de sécurité CP4BA 21.0.3-IF12 | ||
| IBM | N/A | Enterprise Content Management System Monitor (ESM) versions 5.5.x antérieures à 5.5.9 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics version 4.1.8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 22.0.1 sans le correctif de s\u00e9curit\u00e9 CP4BA 22.0.1-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Robotic Process Automation pour Cloud Pak versions ant\u00e9rieures \u00e0 21.0.5",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de s\u00e9curit\u00e9 CMIS 3.0.6-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 FP6",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 21.0.3 sans le correctif de s\u00e9curit\u00e9 CP4BA 21.0.3-IF12",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Enterprise Content Management System Monitor (ESM) versions 5.5.x ant\u00e9rieures \u00e0 5.5.9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics version 4.1.8",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-34538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34538"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2018-20852",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20852"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2020-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4051"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2022-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34339"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20406",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20406"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2019-16935",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16935"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24758"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-928",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830211 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830211"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830243 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830243"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6828527 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6828527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830257 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830257"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830265 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830265"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2025-AVI-0608
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 sans les derniers correctifs de sécurité pour les protocoles GoogleCloudPubSub, GoogleCommon et GoogleGSuiteActivityReportsRESTAPI | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP12 IF03 | ||
| IBM | WebSphere | WebSphere Remote Server sans les derniers correctifs de sécurité | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.4.x antérieures à 6.4.0.2 pour Unix | ||
| IBM | Sterling | Sterling Connect:Direct FTP+ versions 1.3.0 antérieures à 1.3.0.1 | ||
| IBM | Db2 Query Management Facility | Db2 Query Management Facility versions 13.1 et 12.2.0.5 sans le JRE 8.0.8.45 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.3.x antérieures à 6.3.0.5 pour Unix | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.7 pour Windows | ||
| IBM | QRadar Incident Forensics | QRadar Incident Forensics versions 7.5.0 antérieures à 7.5.0 UP12 IF03 | ||
| IBM | WebSphere | WebSphere Application Server Liberty versions antérieures à 25.0.0.8 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.7.iFix052 pour Unix | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 5 | ||
| IBM | WebSphere | WebSphere Application Server versions 9.0.0.x antérieures à 9.0.5.25 | ||
| IBM | WebSphere | WebSphere eXtreme Scale versions 8.6.1.x antérieures à 8.6.1.6 sans le correctif PH67142 iFix |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar SIEM versions 7.5.0 sans les derniers correctifs de s\u00e9curit\u00e9 pour les protocoles GoogleCloudPubSub, GoogleCommon et GoogleGSuiteActivityReportsRESTAPI",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP12 IF03",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Remote Server sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.2 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct FTP+ versions 1.3.0 ant\u00e9rieures \u00e0 1.3.0.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Query Management Facility versions 13.1 et 12.2.0.5 sans le JRE 8.0.8.45",
"product": {
"name": "Db2 Query Management Facility",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.5 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.7 pour Windows",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP12 IF03",
"product": {
"name": "QRadar Incident Forensics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty versions ant\u00e9rieures \u00e0 25.0.0.8",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.7.iFix052 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.0.0.x ant\u00e9rieures \u00e0 9.0.5.25",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere eXtreme Scale versions 8.6.1.x ant\u00e9rieures \u00e0 8.6.1.6 sans le correctif PH67142 iFix",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2020-4301",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4301"
},
{
"name": "CVE-2024-52005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52005"
},
{
"name": "CVE-2021-20468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20468"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2021-29823",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29823"
},
{
"name": "CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"name": "CVE-2025-36097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36097"
},
{
"name": "CVE-2022-36773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36773"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-29078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29078"
},
{
"name": "CVE-2023-33953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
},
{
"name": "CVE-2021-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23438"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2023-32732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2022-30614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30614"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2022-49395",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49395"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2021-29418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29418"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-39045",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39045"
},
{
"name": "CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"name": "CVE-2022-21803",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21803"
},
{
"name": "CVE-2021-39009",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39009"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-2900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"name": "CVE-2021-28918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28918"
},
{
"name": "CVE-2025-36038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36038"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0608",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239645",
"url": "https://www.ibm.com/support/pages/node/7239645"
},
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239617",
"url": "https://www.ibm.com/support/pages/node/7239617"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239753",
"url": "https://www.ibm.com/support/pages/node/7239753"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239757",
"url": "https://www.ibm.com/support/pages/node/7239757"
},
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239856",
"url": "https://www.ibm.com/support/pages/node/7239856"
},
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239492",
"url": "https://www.ibm.com/support/pages/node/7239492"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6615285",
"url": "https://www.ibm.com/support/pages/node/6615285"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239816",
"url": "https://www.ibm.com/support/pages/node/7239816"
},
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239564",
"url": "https://www.ibm.com/support/pages/node/7239564"
},
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239627",
"url": "https://www.ibm.com/support/pages/node/7239627"
},
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239598",
"url": "https://www.ibm.com/support/pages/node/7239598"
}
]
}
CERTFR-2022-AVI-510
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Data Synchronization App versions ant\u00e9rieures \u00e0 3.0.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2021-22940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2021-22930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-22918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2021-22939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2021-22931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-510",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6590981 du 31 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6590981"
}
]
}
CERTFR-2022-AVI-785
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM Cognos Analytics. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 5 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-4301",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4301"
},
{
"name": "CVE-2021-20468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20468"
},
{
"name": "CVE-2021-29823",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29823"
},
{
"name": "CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"name": "CVE-2022-36773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36773"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-29078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29078"
},
{
"name": "CVE-2021-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23438"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2022-30614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30614"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2021-29418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29418"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-39045",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39045"
},
{
"name": "CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"name": "CVE-2022-21803",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21803"
},
{
"name": "CVE-2021-39009",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39009"
},
{
"name": "CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"name": "CVE-2021-28918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28918"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-785",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-09-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Cognos\nAnalytics. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Cognos Analytics",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6615285 du 31 ao\u00fbt 2022",
"url": "https://www.ibm.com/support/pages/node/6615285"
}
]
}
CERTFR-2022-AVI-785
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM Cognos Analytics. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 5 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-4301",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4301"
},
{
"name": "CVE-2021-20468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20468"
},
{
"name": "CVE-2021-29823",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29823"
},
{
"name": "CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"name": "CVE-2022-36773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36773"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-29078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29078"
},
{
"name": "CVE-2021-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23438"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2022-30614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30614"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2021-29418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29418"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-39045",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39045"
},
{
"name": "CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"name": "CVE-2022-21803",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21803"
},
{
"name": "CVE-2021-39009",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39009"
},
{
"name": "CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"name": "CVE-2021-28918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28918"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-785",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-09-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Cognos\nAnalytics. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Cognos Analytics",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6615285 du 31 ao\u00fbt 2022",
"url": "https://www.ibm.com/support/pages/node/6615285"
}
]
}
CERTFR-2022-AVI-924
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.31.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2022-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0155"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-23346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23346"
},
{
"name": "CVE-2021-23566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23566"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-924",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6827633 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6827633"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2023-AVI-0238
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une injection de code indirecte à distance (XSS), une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Plus versions 10.1.6 \u00e0 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling B2B Integrator versions 6.x ant\u00e9rieures \u00e0 6.1.2.2",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-1000665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000665"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2020-5258",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5258"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0238",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une injection de code\nindirecte \u00e0 distance (XSS), une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un d\u00e9ni de\nservice \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963652 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963652"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6955067 du 16 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6955067"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6957718 du 16 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6957718"
}
]
}
CERTFR-2022-AVI-924
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.31.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2022-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0155"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-23346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23346"
},
{
"name": "CVE-2021-23566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23566"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-924",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6827633 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6827633"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2022-AVI-494
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour UNIX versions 6.2.x antérieures à 6.2.0.3.iFix013 | ||
| IBM | QRadar | IBM Security QRadar Analyst Workflow versions antérieures à 2.15.1 | ||
| IBM | QRadar Deployment Intelligence App | IBM QRadar Deployment Intelligence App versions antérieures à 3.0.5 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct pour UNIX versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.3.iFix013",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Security QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.15.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.5",
"product": {
"name": "QRadar Deployment Intelligence App",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2020-28498",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28498"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"name": "CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-7793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7793"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-494",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589583 du 25 avril 2022",
"url": "https://www.ibm.com/support/pages/node/6589583"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589575 du 24 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6589575"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589581 du 11 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6589581"
}
]
}
CERTFR-2022-AVI-928
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | IBM QRadar Pulse App versions antérieures à 2.2.9 | ||
| IBM | N/A | CP4BA version 22.0.1 sans le correctif de sécurité CP4BA 22.0.1-IF2 | ||
| IBM | Cloud Pak | IBM Robotic Process Automation pour Cloud Pak versions antérieures à 21.0.5 | ||
| IBM | N/A | IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de sécurité CMIS 3.0.6-IF2 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 FP6 | ||
| IBM | N/A | CP4BA version 21.0.3 sans le correctif de sécurité CP4BA 21.0.3-IF12 | ||
| IBM | N/A | Enterprise Content Management System Monitor (ESM) versions 5.5.x antérieures à 5.5.9 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics version 4.1.8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 22.0.1 sans le correctif de s\u00e9curit\u00e9 CP4BA 22.0.1-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Robotic Process Automation pour Cloud Pak versions ant\u00e9rieures \u00e0 21.0.5",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de s\u00e9curit\u00e9 CMIS 3.0.6-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 FP6",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 21.0.3 sans le correctif de s\u00e9curit\u00e9 CP4BA 21.0.3-IF12",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Enterprise Content Management System Monitor (ESM) versions 5.5.x ant\u00e9rieures \u00e0 5.5.9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics version 4.1.8",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-34538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34538"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2018-20852",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20852"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2020-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4051"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2022-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34339"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20406",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20406"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2019-16935",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16935"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24758"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-928",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830211 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830211"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830243 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830243"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6828527 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6828527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830257 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830257"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830265 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830265"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2023-AVI-0276
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une atteinte à l'intégrité des données, un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM WebSphere Hybrid Edition 5.1 sans le correctif de sécurité APAR PH52925 | ||
| IBM | WebSphere | IBM WebSphere Automation versions antérieures à 1.5.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server 9.0 sans le correctif de sécurité APAR PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP5 | ||
| IBM | Db2 | IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de sécurité 5733WQX | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Server versions antérieures à 10.1.12.4 | ||
| IBM | N/A | IBM HTTP Server for i sans le correctif de sécurité 5770DG1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP4 IF01 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics versions 1.0.0 à 4.1.10 antérieures à 4.1.11 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Automation versions ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 9.0 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de s\u00e9curit\u00e9 5733WQX",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Server versions ant\u00e9rieures \u00e0 10.1.12.4",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server for i sans le correctif de s\u00e9curit\u00e9 5770DG1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP4 IF01",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions 1.0.0 \u00e0 4.1.10 ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2021-39227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4883"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2022-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2020-7764",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7764"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2019-10785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10785"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2021-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2019-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6284"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-25901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25901"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2022-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3676"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-43928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43928"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23816"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2018-19838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19838"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2021-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2022-25758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25758"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-37598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37598"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 20 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967365"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967333"
}
],
"reference": "CERTFR-2023-AVI-0276",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de\nprivil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un contournement de\nla politique de s\u00e9curit\u00e9, une injection de code indirecte \u00e0 distance\n(XSS), une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967016 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967283 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 20 mars 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967285 du 28 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967285"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6966998 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6966998"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967315 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 30 mars 2023",
"url": null
}
]
}
CERTFR-2025-AVI-0608
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 sans les derniers correctifs de sécurité pour les protocoles GoogleCloudPubSub, GoogleCommon et GoogleGSuiteActivityReportsRESTAPI | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP12 IF03 | ||
| IBM | WebSphere | WebSphere Remote Server sans les derniers correctifs de sécurité | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.4.x antérieures à 6.4.0.2 pour Unix | ||
| IBM | Sterling | Sterling Connect:Direct FTP+ versions 1.3.0 antérieures à 1.3.0.1 | ||
| IBM | Db2 Query Management Facility | Db2 Query Management Facility versions 13.1 et 12.2.0.5 sans le JRE 8.0.8.45 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.3.x antérieures à 6.3.0.5 pour Unix | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.7 pour Windows | ||
| IBM | QRadar Incident Forensics | QRadar Incident Forensics versions 7.5.0 antérieures à 7.5.0 UP12 IF03 | ||
| IBM | WebSphere | WebSphere Application Server Liberty versions antérieures à 25.0.0.8 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.7.iFix052 pour Unix | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 5 | ||
| IBM | WebSphere | WebSphere Application Server versions 9.0.0.x antérieures à 9.0.5.25 | ||
| IBM | WebSphere | WebSphere eXtreme Scale versions 8.6.1.x antérieures à 8.6.1.6 sans le correctif PH67142 iFix |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar SIEM versions 7.5.0 sans les derniers correctifs de s\u00e9curit\u00e9 pour les protocoles GoogleCloudPubSub, GoogleCommon et GoogleGSuiteActivityReportsRESTAPI",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP12 IF03",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Remote Server sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.2 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct FTP+ versions 1.3.0 ant\u00e9rieures \u00e0 1.3.0.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Query Management Facility versions 13.1 et 12.2.0.5 sans le JRE 8.0.8.45",
"product": {
"name": "Db2 Query Management Facility",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.5 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.7 pour Windows",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP12 IF03",
"product": {
"name": "QRadar Incident Forensics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty versions ant\u00e9rieures \u00e0 25.0.0.8",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.7.iFix052 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.0.0.x ant\u00e9rieures \u00e0 9.0.5.25",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere eXtreme Scale versions 8.6.1.x ant\u00e9rieures \u00e0 8.6.1.6 sans le correctif PH67142 iFix",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2020-4301",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4301"
},
{
"name": "CVE-2024-52005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52005"
},
{
"name": "CVE-2021-20468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20468"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2021-29823",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29823"
},
{
"name": "CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"name": "CVE-2025-36097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36097"
},
{
"name": "CVE-2022-36773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36773"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-29078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29078"
},
{
"name": "CVE-2023-33953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
},
{
"name": "CVE-2021-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23438"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2023-32732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2022-30614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30614"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2022-49395",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49395"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2021-29418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29418"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-39045",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39045"
},
{
"name": "CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"name": "CVE-2022-21803",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21803"
},
{
"name": "CVE-2021-39009",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39009"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-2900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"name": "CVE-2021-28918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28918"
},
{
"name": "CVE-2025-36038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36038"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0608",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239645",
"url": "https://www.ibm.com/support/pages/node/7239645"
},
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239617",
"url": "https://www.ibm.com/support/pages/node/7239617"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239753",
"url": "https://www.ibm.com/support/pages/node/7239753"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239757",
"url": "https://www.ibm.com/support/pages/node/7239757"
},
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239856",
"url": "https://www.ibm.com/support/pages/node/7239856"
},
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239492",
"url": "https://www.ibm.com/support/pages/node/7239492"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6615285",
"url": "https://www.ibm.com/support/pages/node/6615285"
},
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239816",
"url": "https://www.ibm.com/support/pages/node/7239816"
},
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239564",
"url": "https://www.ibm.com/support/pages/node/7239564"
},
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239627",
"url": "https://www.ibm.com/support/pages/node/7239627"
},
{
"published_at": "2025-07-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239598",
"url": "https://www.ibm.com/support/pages/node/7239598"
}
]
}
CERTFR-2023-AVI-0238
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une injection de code indirecte à distance (XSS), une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Plus versions 10.1.6 \u00e0 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling B2B Integrator versions 6.x ant\u00e9rieures \u00e0 6.1.2.2",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-1000665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000665"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2020-5258",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5258"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0238",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une injection de code\nindirecte \u00e0 distance (XSS), une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un d\u00e9ni de\nservice \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963652 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963652"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6955067 du 16 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6955067"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6957718 du 16 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6957718"
}
]
}
CERTFR-2022-AVI-494
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour UNIX versions 6.2.x antérieures à 6.2.0.3.iFix013 | ||
| IBM | QRadar | IBM Security QRadar Analyst Workflow versions antérieures à 2.15.1 | ||
| IBM | QRadar Deployment Intelligence App | IBM QRadar Deployment Intelligence App versions antérieures à 3.0.5 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct pour UNIX versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.3.iFix013",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Security QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.15.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.5",
"product": {
"name": "QRadar Deployment Intelligence App",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2020-28498",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28498"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"name": "CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-7793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7793"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-494",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589583 du 25 avril 2022",
"url": "https://www.ibm.com/support/pages/node/6589583"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589575 du 24 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6589575"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589581 du 11 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6589581"
}
]
}
CERTFR-2023-AVI-0240
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données, une exécution de code arbitraire à distance, un déni de service à distance, un contournement de la politique de sécurité, une élévation de privilèges et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Global Mailbox versions 6.0.3.x antérieures à 6.0.3.8 | ||
| IBM | Spectrum | Spectrum Copy Data Management versions 2.2.x antérieures à 2.2.19.0 | ||
| IBM | Spectrum | Spectrum Protect for Space Management versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Sterling | Sterling B2B Integrator versions 6.1.x antérieures à 6.1.2.1 | ||
| IBM | Spectrum | Spectrum Protect Plus versions 10.1.x antérieures à 10.1.14 | ||
| IBM | Spectrum | Spectrum Protect Client versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Sterling | Sterling Global Mailbox versions 6.1.2.x antérieures à 6.1.2.2 | ||
| IBM | Sterling | Sterling B2B Integrator versions 6.0.x antérieures à 6.0.3.8 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Global Mailbox versions 6.0.3.x ant\u00e9rieures \u00e0 6.0.3.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Copy Data Management versions 2.2.x ant\u00e9rieures \u00e0 2.2.19.0",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Protect for Space Management versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Protect Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Global Mailbox versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.2",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2022-4379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4379"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-2639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2639"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2022-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0168"
},
{
"name": "CVE-2015-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7501"
},
{
"name": "CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-2078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2078"
},
{
"name": "CVE-2022-1184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
},
{
"name": "CVE-2022-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2586"
},
{
"name": "CVE-2022-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3640"
},
{
"name": "CVE-2023-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-24448",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
},
{
"name": "CVE-2022-1055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1055"
},
{
"name": "CVE-2022-1353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1353"
},
{
"name": "CVE-2022-42436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42436"
},
{
"name": "CVE-2022-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28390"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0240",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963960",
"url": "https://www.ibm.com/support/pages/node/6963960"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963958",
"url": "https://www.ibm.com/support/pages/node/6963958"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963962",
"url": "https://www.ibm.com/support/pages/node/6963962"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963936",
"url": "https://www.ibm.com/support/pages/node/6963936"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963956",
"url": "https://www.ibm.com/support/pages/node/6963956"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6960747",
"url": "https://www.ibm.com/support/pages/node/6960747"
},
{
"published_at": "2023-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6956237",
"url": "https://www.ibm.com/support/pages/node/6956237"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6960739",
"url": "https://www.ibm.com/support/pages/node/6960739"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963954",
"url": "https://www.ibm.com/support/pages/node/6963954"
}
]
}
CERTFR-2023-AVI-0276
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une atteinte à l'intégrité des données, un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM WebSphere Hybrid Edition 5.1 sans le correctif de sécurité APAR PH52925 | ||
| IBM | WebSphere | IBM WebSphere Automation versions antérieures à 1.5.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server 9.0 sans le correctif de sécurité APAR PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP5 | ||
| IBM | Db2 | IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de sécurité 5733WQX | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Server versions antérieures à 10.1.12.4 | ||
| IBM | N/A | IBM HTTP Server for i sans le correctif de sécurité 5770DG1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP4 IF01 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics versions 1.0.0 à 4.1.10 antérieures à 4.1.11 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Automation versions ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 9.0 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de s\u00e9curit\u00e9 5733WQX",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Server versions ant\u00e9rieures \u00e0 10.1.12.4",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server for i sans le correctif de s\u00e9curit\u00e9 5770DG1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP4 IF01",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions 1.0.0 \u00e0 4.1.10 ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2021-39227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4883"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2022-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2020-7764",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7764"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2019-10785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10785"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2021-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2019-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6284"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-25901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25901"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2022-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3676"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-43928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43928"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23816"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2018-19838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19838"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2021-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2022-25758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25758"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-37598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37598"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 20 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967365"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967333"
}
],
"reference": "CERTFR-2023-AVI-0276",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de\nprivil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un contournement de\nla politique de s\u00e9curit\u00e9, une injection de code indirecte \u00e0 distance\n(XSS), une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967016 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967283 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 20 mars 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967285 du 28 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967285"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6966998 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6966998"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967315 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 30 mars 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0240
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données, une exécution de code arbitraire à distance, un déni de service à distance, un contournement de la politique de sécurité, une élévation de privilèges et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Global Mailbox versions 6.0.3.x antérieures à 6.0.3.8 | ||
| IBM | Spectrum | Spectrum Copy Data Management versions 2.2.x antérieures à 2.2.19.0 | ||
| IBM | Spectrum | Spectrum Protect for Space Management versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Sterling | Sterling B2B Integrator versions 6.1.x antérieures à 6.1.2.1 | ||
| IBM | Spectrum | Spectrum Protect Plus versions 10.1.x antérieures à 10.1.14 | ||
| IBM | Spectrum | Spectrum Protect Client versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Sterling | Sterling Global Mailbox versions 6.1.2.x antérieures à 6.1.2.2 | ||
| IBM | Sterling | Sterling B2B Integrator versions 6.0.x antérieures à 6.0.3.8 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Global Mailbox versions 6.0.3.x ant\u00e9rieures \u00e0 6.0.3.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Copy Data Management versions 2.2.x ant\u00e9rieures \u00e0 2.2.19.0",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Protect for Space Management versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Spectrum Protect Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Global Mailbox versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.2",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2022-4379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4379"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-2639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2639"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2022-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0168"
},
{
"name": "CVE-2015-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7501"
},
{
"name": "CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-2078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2078"
},
{
"name": "CVE-2022-1184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
},
{
"name": "CVE-2022-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2586"
},
{
"name": "CVE-2022-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3640"
},
{
"name": "CVE-2023-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-24448",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
},
{
"name": "CVE-2022-1055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1055"
},
{
"name": "CVE-2022-1353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1353"
},
{
"name": "CVE-2022-42436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42436"
},
{
"name": "CVE-2022-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28390"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0240",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963960",
"url": "https://www.ibm.com/support/pages/node/6963960"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963958",
"url": "https://www.ibm.com/support/pages/node/6963958"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963962",
"url": "https://www.ibm.com/support/pages/node/6963962"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963936",
"url": "https://www.ibm.com/support/pages/node/6963936"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963956",
"url": "https://www.ibm.com/support/pages/node/6963956"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6960747",
"url": "https://www.ibm.com/support/pages/node/6960747"
},
{
"published_at": "2023-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6956237",
"url": "https://www.ibm.com/support/pages/node/6956237"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6960739",
"url": "https://www.ibm.com/support/pages/node/6960739"
},
{
"published_at": "2023-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963954",
"url": "https://www.ibm.com/support/pages/node/6963954"
}
]
}
WID-SEC-W-2023-0856
Vulnerability from csaf_certbund - Published: 2022-05-31 22:00 - Updated: 2023-04-04 22:00Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0856 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0856.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0856 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0856"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6980799 vom 2023-04-04",
"url": "https://www.ibm.com/support/pages/node/6980799"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2022-05-31",
"url": "https://www.ibm.com/support/pages/node/6590981"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-04T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:48:07.215+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0856",
"initial_release_date": "2022-05-31T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-05-31T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM \u003c 3.0.1",
"product": {
"name": "IBM QRadar SIEM \u003c 3.0.1",
"product_id": "T023376",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:3.0.1"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-11655",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-11655"
},
{
"cve": "CVE-2020-11656",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-11656"
},
{
"cve": "CVE-2020-13434",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-13434"
},
{
"cve": "CVE-2020-13435",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-13435"
},
{
"cve": "CVE-2020-13630",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-13630"
},
{
"cve": "CVE-2020-13631",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-13631"
},
{
"cve": "CVE-2020-13632",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-13632"
},
{
"cve": "CVE-2020-15168",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-15168"
},
{
"cve": "CVE-2020-15358",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-15358"
},
{
"cve": "CVE-2020-28469",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-7788",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-7788"
},
{
"cve": "CVE-2020-9327",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2020-9327"
},
{
"cve": "CVE-2021-22918",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-22918"
},
{
"cve": "CVE-2021-22930",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-22930"
},
{
"cve": "CVE-2021-22931",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-22931"
},
{
"cve": "CVE-2021-22939",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-22939"
},
{
"cve": "CVE-2021-22940",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-22940"
},
{
"cve": "CVE-2021-23343",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-23362",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-23362"
},
{
"cve": "CVE-2021-27290",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-27290"
},
{
"cve": "CVE-2021-32803",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-33502",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-33502"
},
{
"cve": "CVE-2021-3672",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-3672"
},
{
"cve": "CVE-2021-37701",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-37701"
},
{
"cve": "CVE-2021-37712",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-37712"
},
{
"cve": "CVE-2021-37713",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-37713"
},
{
"cve": "CVE-2021-3807",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden."
}
],
"release_date": "2022-05-31T22:00:00.000+00:00",
"title": "CVE-2021-3918"
}
]
}
WID-SEC-W-2023-1542
Vulnerability from csaf_certbund - Published: 2023-06-22 22:00 - Updated: 2025-10-23 22:00Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Zustand herbeizuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1542 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1542.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1542 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1542"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3742 vom 2023-06-22",
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3612 vom 2023-06-23",
"url": "https://access.redhat.com/errata/RHSA-2023:3614"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3615 vom 2023-06-22",
"url": "https://access.redhat.com/errata/RHSA-2023:3615"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3613 vom 2023-06-27",
"url": "https://access.redhat.com/errata/RHSA-2023:3613"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2023-06-29",
"url": "https://access.redhat.com/errata/RHSA-2023:3918"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3943 vom 2023-06-29",
"url": "https://access.redhat.com/errata/RHSA-2023:3943"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3910 vom 2023-07-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3910"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3915 vom 2023-07-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3915"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3925 vom 2023-07-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3925"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4003 vom 2023-07-10",
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-6CFE7492C1 vom 2023-07-16",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-6cfe7492c1"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-AA7C75ED4A vom 2023-07-16",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-aa7c75ed4a"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4025 vom 2023-07-18",
"url": "https://access.redhat.com/errata/RHSA-2023:4025"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4112 vom 2023-07-18",
"url": "https://access.redhat.com/errata/RHSA-2023:4112"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4113 vom 2023-07-18",
"url": "https://access.redhat.com/errata/RHSA-2023:4113"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4114 vom 2023-07-18",
"url": "https://access.redhat.com/errata/RHSA-2023:4114"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4053 vom 2023-07-19",
"url": "https://access.redhat.com/errata/RHSA-2023:4053"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4204 vom 2023-07-19",
"url": "https://access.redhat.com/errata/RHSA-2023:4204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4090 vom 2023-07-21",
"url": "https://access.redhat.com/errata/RHSA-2023:4090"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4241 vom 2023-07-21",
"url": "https://access.redhat.com/errata/RHSA-2023:4241"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4238 vom 2023-07-20",
"url": "https://access.redhat.com/errata/RHSA-2023:4238"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4093 vom 2023-07-20",
"url": "https://access.redhat.com/errata/RHSA-2023:4093"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4091 vom 2023-07-20",
"url": "https://access.redhat.com/errata/RHSA-2023:4091"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4225 vom 2023-07-27",
"url": "https://access.redhat.com/errata/RHSA-2023:4225"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4226 vom 2023-07-27",
"url": "https://access.redhat.com/errata/RHSA-2023:4226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4470 vom 2023-08-03",
"url": "https://access.redhat.com/errata/RHSA-2023:4470"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4335 vom 2023-08-08",
"url": "https://access.redhat.com/errata/RHSA-2023:4335"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4674 vom 2023-08-23",
"url": "https://access.redhat.com/errata/RHSA-2023:4674"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05",
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5103 vom 2023-09-12",
"url": "https://access.redhat.com/errata/RHSA-2023:5103"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5233 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5233"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5314 vom 2023-09-20",
"url": "https://access.redhat.com/errata/RHSA-2023:5314"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:6316 vom 2023-11-07",
"url": "https://access.redhat.com/errata/RHSA-2023:6316"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7058 vom 2023-11-15",
"url": "https://access.redhat.com/errata/RHSA-2023:7058"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-6939 vom 2023-11-21",
"url": "https://linux.oracle.com/errata/ELSA-2023-6939.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-14A33318B8 vom 2023-12-03",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-14a33318b8"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7672 vom 2023-12-06",
"url": "https://access.redhat.com/errata/RHSA-2023:7672"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7820 vom 2023-12-14",
"url": "https://access.redhat.com/errata/RHSA-2023:7820"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5006 vom 2023-12-30",
"url": "https://access.redhat.com/errata/RHSA-2023:5006"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7823 vom 2024-01-05",
"url": "https://access.redhat.com/errata/RHSA-2023:7823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0139 vom 2024-01-10",
"url": "https://access.redhat.com/errata/RHSA-2024:0139"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0143 vom 2024-01-10",
"url": "https://access.redhat.com/errata/RHSA-2024:0143"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0137 vom 2024-01-10",
"url": "https://access.redhat.com/errata/RHSA-2024:0137"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0121 vom 2024-01-10",
"url": "https://access.redhat.com/errata/RHSA-2024:0121"
},
{
"category": "external",
"summary": "Meinberg Security Advisory",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-01-lantime-firmware-v7-08-007.htm"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202405-04 vom 2024-05-04",
"url": "https://security.gentoo.org/glsa/202405-04"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2987 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:2987"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3254 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3254"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19094 vom 2025-10-24",
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-23T22:00:00.000+00:00",
"generator": {
"date": "2025-10-24T08:33:28.970+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-1542",
"initial_release_date": "2023-06-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-06-25T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-26T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-28T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-29T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-05T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-10T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-16T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-07-17T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-18T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-20T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-26T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-08-03T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-08-07T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-12T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-19T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-11-07T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-11-21T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-12-03T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-12-06T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-12-13T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-01-01T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-01-04T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-01-10T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-01-30T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Meinberg aufgenommen"
},
{
"date": "2024-05-05T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "34"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.08.007",
"product": {
"name": "Meinberg LANTIME \u003c7.08.007",
"product_id": "T032435"
}
},
{
"category": "product_version",
"name": "7.08.007",
"product": {
"name": "Meinberg LANTIME 7.08.007",
"product_id": "T032435-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:7.08.007"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security for Kubernetes 4",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
"product_id": "T027916",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
}
}
},
{
"category": "product_version",
"name": "Service Interconnect 1",
"product": {
"name": "Red Hat Enterprise Linux Service Interconnect 1",
"product_id": "T028472",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:service_interconnect_1"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T008027",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "T026435",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.12"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.13.4",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.13.4",
"product_id": "T028225"
}
},
{
"category": "product_version",
"name": "Container Platform 4.13.4",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13.4",
"product_id": "T028225-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.13.4"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.13.0",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.13.0",
"product_id": "T028289"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.13.0",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.13.0",
"product_id": "T028289-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation_4.13.0"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.22",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.22",
"product_id": "T028307"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.22",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.22",
"product_id": "T028307-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.22"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.11.44",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.11.44",
"product_id": "T028416"
}
},
{
"category": "product_version",
"name": "Container Platform 4.11.44",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11.44",
"product_id": "T028416-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.11.44"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.12.10",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.12.10",
"product_id": "T031698"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.12.10",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.12.10",
"product_id": "T031698-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.12.10"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.0",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.0",
"product_id": "T031839"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.0",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.0",
"product_id": "T031839-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.0"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.46",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.46",
"product_id": "T031870"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.46",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.46",
"product_id": "T031870-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.46"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-20107",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2015-20107"
},
{
"cve": "CVE-2018-25032",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2020-10735",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2020-10735"
},
{
"cve": "CVE-2020-16250",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2020-16250"
},
{
"cve": "CVE-2020-16251",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2020-16251"
},
{
"cve": "CVE-2020-17049",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2020-17049"
},
{
"cve": "CVE-2021-28861",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-28861"
},
{
"cve": "CVE-2021-3765",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-3765"
},
{
"cve": "CVE-2021-3807",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-4231",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-4231"
},
{
"cve": "CVE-2021-4235",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-4235"
},
{
"cve": "CVE-2021-4238",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-4238"
},
{
"cve": "CVE-2021-43519",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-43519"
},
{
"cve": "CVE-2021-43998",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-43998"
},
{
"cve": "CVE-2021-44531",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-44531"
},
{
"cve": "CVE-2021-44532",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-44532"
},
{
"cve": "CVE-2021-44533",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-44533"
},
{
"cve": "CVE-2021-44964",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-44964"
},
{
"cve": "CVE-2021-46828",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-46828"
},
{
"cve": "CVE-2021-46848",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2021-46848"
},
{
"cve": "CVE-2022-0670",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-0670"
},
{
"cve": "CVE-2022-1271",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-1271"
},
{
"cve": "CVE-2022-1304",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-1304"
},
{
"cve": "CVE-2022-1348",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-1348"
},
{
"cve": "CVE-2022-1586",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-1586"
},
{
"cve": "CVE-2022-1587",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-1587"
},
{
"cve": "CVE-2022-21824",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-21824"
},
{
"cve": "CVE-2022-2309",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-2309"
},
{
"cve": "CVE-2022-23540",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-23540"
},
{
"cve": "CVE-2022-23541",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-23541"
},
{
"cve": "CVE-2022-24903",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-24903"
},
{
"cve": "CVE-2022-2509",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-2509"
},
{
"cve": "CVE-2022-26280",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-26280"
},
{
"cve": "CVE-2022-27664",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-2795",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-2795"
},
{
"cve": "CVE-2022-2879",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-2879"
},
{
"cve": "CVE-2022-2880",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-2880"
},
{
"cve": "CVE-2022-28805",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-28805"
},
{
"cve": "CVE-2022-29154",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-29154"
},
{
"cve": "CVE-2022-30635",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-30635"
},
{
"cve": "CVE-2022-3094",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3094"
},
{
"cve": "CVE-2022-31129",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-31129"
},
{
"cve": "CVE-2022-32189",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-32189"
},
{
"cve": "CVE-2022-32190",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-32190"
},
{
"cve": "CVE-2022-33099",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-33099"
},
{
"cve": "CVE-2022-3358",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3358"
},
{
"cve": "CVE-2022-34903",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-34903"
},
{
"cve": "CVE-2022-3515",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3515"
},
{
"cve": "CVE-2022-3517",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3517"
},
{
"cve": "CVE-2022-35737",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-35737"
},
{
"cve": "CVE-2022-36227",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-36227"
},
{
"cve": "CVE-2022-3715",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3715"
},
{
"cve": "CVE-2022-3736",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3736"
},
{
"cve": "CVE-2022-37434",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-38149",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-38149"
},
{
"cve": "CVE-2022-3821",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3821"
},
{
"cve": "CVE-2022-38900",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2022-3924",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-3924"
},
{
"cve": "CVE-2022-40023",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-40023"
},
{
"cve": "CVE-2022-40303",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-40897",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-40897"
},
{
"cve": "CVE-2022-41316",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-41316"
},
{
"cve": "CVE-2022-41715",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-41717",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-41723",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-41723"
},
{
"cve": "CVE-2022-41724",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-41724"
},
{
"cve": "CVE-2022-41725",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-41725"
},
{
"cve": "CVE-2022-42010",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-42010"
},
{
"cve": "CVE-2022-42011",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-42011"
},
{
"cve": "CVE-2022-42012",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-42012"
},
{
"cve": "CVE-2022-42898",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-42898"
},
{
"cve": "CVE-2022-42919",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-42919"
},
{
"cve": "CVE-2022-43680",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-43680"
},
{
"cve": "CVE-2022-4415",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-4415"
},
{
"cve": "CVE-2022-45061",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-45061"
},
{
"cve": "CVE-2022-45873",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-45873"
},
{
"cve": "CVE-2022-46175",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-46175"
},
{
"cve": "CVE-2022-47024",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-47024"
},
{
"cve": "CVE-2022-47629",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-47629"
},
{
"cve": "CVE-2022-48303",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-48303"
},
{
"cve": "CVE-2022-48337",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-48337"
},
{
"cve": "CVE-2022-48338",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-48338"
},
{
"cve": "CVE-2022-48339",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2022-48339"
},
{
"cve": "CVE-2023-0361",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-0361"
},
{
"cve": "CVE-2023-0620",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-0620"
},
{
"cve": "CVE-2023-0665",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-0665"
},
{
"cve": "CVE-2023-22809",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-22809"
},
{
"cve": "CVE-2023-24329",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-24329"
},
{
"cve": "CVE-2023-2491",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-2491"
},
{
"cve": "CVE-2023-24999",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-24999"
},
{
"cve": "CVE-2023-25000",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-25000"
},
{
"cve": "CVE-2023-25136",
"product_status": {
"known_affected": [
"T032435",
"T031698",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"74185",
"T031870",
"T027916",
"T028307",
"T028416",
"T026435",
"T028225",
"T031839",
"T028289"
]
},
"release_date": "2023-06-22T22:00:00.000+00:00",
"title": "CVE-2023-25136"
}
]
}
WID-SEC-W-2022-1375
Vulnerability from csaf_certbund - Published: 2022-09-11 22:00 - Updated: 2023-09-14 22:00Summary
JFrog Artifactory: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JFrog Artifactory ist eine universelle DevOps-Lösung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in JFrog Artifactory ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszulösen.
Betroffene Betriebssysteme
- UNIX
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JFrog Artifactory ist eine universelle DevOps-L\u00f6sung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in JFrog Artifactory ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1375 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1375.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1375 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1375"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5165 vom 2023-09-14",
"url": "https://access.redhat.com/errata/RHSA-2023:5165"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities vom 2022-09-11",
"url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities",
"url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6782 vom 2022-10-04",
"url": "https://access.redhat.com/errata/RHSA-2022:6782"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5776-1 vom 2022-12-13",
"url": "https://ubuntu.com/security/notices/USN-5776-1"
}
],
"source_lang": "en-US",
"title": "JFrog Artifactory: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-09-14T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:34:59.214+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1375",
"initial_release_date": "2022-09-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-04T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-12T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-12-20T23:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-DB674BAFD9, FEDORA-2022-7E327A20BE"
},
{
"date": "2023-09-14T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "JFrog Artifactory",
"product": {
"name": "JFrog Artifactory",
"product_id": "T024527",
"product_identification_helper": {
"cpe": "cpe:/a:jfrog:artifactory:-"
}
}
},
{
"category": "product_name",
"name": "JFrog Artifactory \u003c 7.46.3",
"product": {
"name": "JFrog Artifactory \u003c 7.46.3",
"product_id": "T024764",
"product_identification_helper": {
"cpe": "cpe:/a:jfrog:artifactory:7.46.3"
}
}
}
],
"category": "product_name",
"name": "Artifactory"
}
],
"category": "vendor",
"name": "JFrog"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-4517",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2013-4517"
},
{
"cve": "CVE-2013-7285",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2013-7285"
},
{
"cve": "CVE-2014-0107",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2014-0107"
},
{
"cve": "CVE-2014-0114",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2014-0114"
},
{
"cve": "CVE-2014-3577",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2014-3577"
},
{
"cve": "CVE-2014-3623",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2014-3623"
},
{
"cve": "CVE-2015-0227",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2015-0227"
},
{
"cve": "CVE-2015-2575",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2015-2575"
},
{
"cve": "CVE-2015-3253",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2015-3253"
},
{
"cve": "CVE-2015-4852",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2015-4852"
},
{
"cve": "CVE-2015-7940",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2015-7940"
},
{
"cve": "CVE-2016-10750",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2016-10750"
},
{
"cve": "CVE-2016-3092",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2016-3092"
},
{
"cve": "CVE-2016-3674",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2016-3674"
},
{
"cve": "CVE-2016-6501",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2016-6501"
},
{
"cve": "CVE-2016-8735",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2016-8735"
},
{
"cve": "CVE-2016-8745",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2016-8745"
},
{
"cve": "CVE-2017-1000487",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-1000487"
},
{
"cve": "CVE-2017-15095",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-15095"
},
{
"cve": "CVE-2017-17485",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-17485"
},
{
"cve": "CVE-2017-18214",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-18214"
},
{
"cve": "CVE-2017-18640",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-18640"
},
{
"cve": "CVE-2017-7525",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-7525"
},
{
"cve": "CVE-2017-7657",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-7657"
},
{
"cve": "CVE-2017-7957",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-7957"
},
{
"cve": "CVE-2017-9506",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2017-9506"
},
{
"cve": "CVE-2018-1000206",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2018-1000206"
},
{
"cve": "CVE-2018-9116",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2018-9116"
},
{
"cve": "CVE-2019-10219",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2019-10219"
},
{
"cve": "CVE-2019-12402",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2019-12402"
},
{
"cve": "CVE-2019-17359",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2019-17359"
},
{
"cve": "CVE-2019-17571",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2019-17571"
},
{
"cve": "CVE-2019-20104",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2019-20104"
},
{
"cve": "CVE-2020-11996",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-11996"
},
{
"cve": "CVE-2020-13934",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-13934"
},
{
"cve": "CVE-2020-13935",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-13935"
},
{
"cve": "CVE-2020-13949",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-13949"
},
{
"cve": "CVE-2020-14340",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-14340"
},
{
"cve": "CVE-2020-15586",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-15586"
},
{
"cve": "CVE-2020-1745",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-1745"
},
{
"cve": "CVE-2020-17521",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-17521"
},
{
"cve": "CVE-2020-25649",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-25649"
},
{
"cve": "CVE-2020-28500",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-28500"
},
{
"cve": "CVE-2020-29582",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-29582"
},
{
"cve": "CVE-2020-36518",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-36518"
},
{
"cve": "CVE-2020-7226",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-7226"
},
{
"cve": "CVE-2020-7692",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-7692"
},
{
"cve": "CVE-2020-8203",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2020-8203"
},
{
"cve": "CVE-2021-13936",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-13936"
},
{
"cve": "CVE-2021-21290",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-21290"
},
{
"cve": "CVE-2021-22060",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22060"
},
{
"cve": "CVE-2021-22112",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22112"
},
{
"cve": "CVE-2021-22119",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22119"
},
{
"cve": "CVE-2021-22147",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22147"
},
{
"cve": "CVE-2021-22148",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22148"
},
{
"cve": "CVE-2021-22149",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22149"
},
{
"cve": "CVE-2021-22573",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-22573"
},
{
"cve": "CVE-2021-23337",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-23337"
},
{
"cve": "CVE-2021-25122",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-25122"
},
{
"cve": "CVE-2021-26291",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-26291"
},
{
"cve": "CVE-2021-27568",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-27568"
},
{
"cve": "CVE-2021-29505",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-29505"
},
{
"cve": "CVE-2021-30129",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-30129"
},
{
"cve": "CVE-2021-33037",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-33037"
},
{
"cve": "CVE-2021-35550",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35550"
},
{
"cve": "CVE-2021-35556",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35556"
},
{
"cve": "CVE-2021-35560",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35560"
},
{
"cve": "CVE-2021-35561",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35561"
},
{
"cve": "CVE-2021-35564",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35564"
},
{
"cve": "CVE-2021-35565",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35565"
},
{
"cve": "CVE-2021-35567",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35567"
},
{
"cve": "CVE-2021-35578",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35578"
},
{
"cve": "CVE-2021-35586",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35586"
},
{
"cve": "CVE-2021-35588",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35588"
},
{
"cve": "CVE-2021-35603",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-35603"
},
{
"cve": "CVE-2021-36374",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-36374"
},
{
"cve": "CVE-2021-3765",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-3765"
},
{
"cve": "CVE-2021-3807",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-38561",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-38561"
},
{
"cve": "CVE-2021-3859",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-3859"
},
{
"cve": "CVE-2021-41090",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-41090"
},
{
"cve": "CVE-2021-41091",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-41091"
},
{
"cve": "CVE-2021-42340",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-42340"
},
{
"cve": "CVE-2021-42550",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-42550"
},
{
"cve": "CVE-2021-43797",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2022-0536",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-0536"
},
{
"cve": "CVE-2022-22963",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-22963"
},
{
"cve": "CVE-2022-23632",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-23632"
},
{
"cve": "CVE-2022-23648",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-23648"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-24769",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-24769"
},
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-27191",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-29153",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-29153"
},
{
"cve": "CVE-2022-32212",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-32212"
},
{
"cve": "CVE-2022-32213",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-32213"
},
{
"cve": "CVE-2022-32214",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-32214"
},
{
"cve": "CVE-2022-32215",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-32215"
},
{
"cve": "CVE-2022-32223",
"notes": [
{
"category": "description",
"text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T024527",
"67646",
"T000126",
"T024764"
]
},
"release_date": "2022-09-11T22:00:00.000+00:00",
"title": "CVE-2022-32223"
}
]
}
WID-SEC-W-2022-2133
Vulnerability from csaf_certbund - Published: 2022-11-20 23:00 - Updated: 2022-12-19 23:00Summary
JFrog Artifactory: Mehrere Schwachstellen in Drittanbieter-Komponenten
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JFrog Artifactory ist eine universelle DevOps-Lösung.
Angriff
JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar.
Betroffene Betriebssysteme
- UNIX
- Linux
{
"document": {
"aggregate_severity": {
"text": "niedrig"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JFrog Artifactory ist eine universelle DevOps-L\u00f6sung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-2133 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2133.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-2133 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2133"
},
{
"category": "external",
"summary": "HCL Article KB0102172 vom 2022-12-19",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102172"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities - \u00c4nderungen vom 2022-11-24",
"url": "https://www.jfrog.com/confluence/pages/diffpagesbyversion.action?pageId=102634317\u0026selectedPageVersions=159\u0026selectedPageVersions=156"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities vom 2022-11-20",
"url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities"
}
],
"source_lang": "en-US",
"title": "JFrog Artifactory: Mehrere Schwachstellen in Drittanbieter-Komponenten",
"tracking": {
"current_release_date": "2022-12-19T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:38:41.580+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-2133",
"initial_release_date": "2022-11-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-11-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-11-30T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Informationen von JFrog aufgenommen"
},
{
"date": "2022-12-19T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HCL aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HCL Domino",
"product": {
"name": "HCL Domino",
"product_id": "777623",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:domino:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "JFrog Artifactory \u003c 7.47.7",
"product": {
"name": "JFrog Artifactory \u003c 7.47.7",
"product_id": "T025370",
"product_identification_helper": {
"cpe": "cpe:/a:jfrog:artifactory:7.47.7"
}
}
}
],
"category": "vendor",
"name": "JFrog"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-16869",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2019-16869"
},
{
"cve": "CVE-2019-20444",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2019-20444"
},
{
"cve": "CVE-2019-20445",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2019-20445"
},
{
"cve": "CVE-2020-7608",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2020-7608"
},
{
"cve": "CVE-2020-7789",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2020-7789"
},
{
"cve": "CVE-2021-26291",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2021-26291"
},
{
"cve": "CVE-2021-3807",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-44906",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2022-0235",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-0235"
},
{
"cve": "CVE-2022-1962",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-1962"
},
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-25857",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-25857"
},
{
"cve": "CVE-2022-25878",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-25878"
},
{
"cve": "CVE-2022-27191",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-28131",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-28131"
},
{
"cve": "CVE-2022-30187",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-30187"
},
{
"cve": "CVE-2022-30633",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-30635",
"notes": [
{
"category": "description",
"text": "JFrog Artifactory nutzt verschiedene Komponenten von Drittanbietern. Diese enthalten mehrere Schwachstellen. Neuen Informationen von JFrog zufolge sind diese Schwachstellen jedoch nicht in Produkten von JFrog ausnutzbar."
}
],
"product_status": {
"known_affected": [
"777623"
]
},
"release_date": "2022-11-20T23:00:00.000+00:00",
"title": "CVE-2022-30635"
}
]
}
WID-SEC-W-2022-0103
Vulnerability from csaf_certbund - Published: 2022-01-24 23:00 - Updated: 2025-01-19 23:00Summary
Node.js: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Node.js ist eine Plattform zur Entwicklung von Netzwerkanwendungen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Node.js ausnutzen, um einen Denial of Service Angriff durchzuführen oder Code zur Ausführung zu bringen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Node.js ist eine Plattform zur Entwicklung von Netzwerkanwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Node.js ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder Code zur Ausf\u00fchrung zu bringen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0103 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0103.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0103 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0103"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2022-01-24",
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0350 vom 2022-02-02",
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-0350 vom 2022-02-02",
"url": "http://linux.oracle.com/errata/ELSA-2022-0350.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0531-1 vom 2022-02-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010279.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0563-1 vom 2022-02-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0569-1 vom 2022-02-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010307.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0570-1 vom 2022-02-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010306.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0657-1 vom 2022-03-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010326.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0595 vom 2022-03-04",
"url": "https://access.redhat.com/errata/RHSA-2022:0595"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0735 vom 2022-03-03",
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0704-1 vom 2022-03-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010344.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0715-1 vom 2022-03-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010355.html"
},
{
"category": "external",
"summary": "HCL Article KB0096877 vom 2022-04-06",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0096877"
},
{
"category": "external",
"summary": "Huntr.dev PoC CVE-2021-3807 vom 2022-05-12",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:1717-1 vom 2022-05-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011058.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4711 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4814 vom 2022-05-31",
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4914 vom 2022-06-06",
"url": "https://access.redhat.com/errata/RHSA-2022:4914"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4956 vom 2022-06-09",
"url": "https://access.redhat.com/errata/RHSA-2022:4956"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5483 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6603645 vom 2022-07-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-json-schema-library-affect-tivoli-netcool-omnibus-webgui-cve-2021-3918/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6449 vom 2022-09-13",
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-6449 vom 2022-09-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-6449.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6595 vom 2022-09-21",
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-6595 vom 2022-09-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-6595.html"
},
{
"category": "external",
"summary": "JFrog Fixed Security Vulnerabilities",
"url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities"
},
{
"category": "external",
"summary": "Oracle Linux Bulletin-October 2022 vom 2022-10-18",
"url": "https://www.oracle.com/security-alerts/linuxbulletinoct2022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7055 vom 2022-10-19",
"url": "https://access.redhat.com/errata/RHSA-2022:7055"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3228 vom 2022-12-06",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00013.html"
},
{
"category": "external",
"summary": "HCL Article KB0102172 vom 2022-12-19",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102172"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6955067 vom 2023-03-16",
"url": "https://www.ibm.com/support/pages/node/6955067"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6956237 vom 2023-03-17",
"url": "https://www.ibm.com/support/pages/node/6956237"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6103-1 vom 2023-05-24",
"url": "https://ubuntu.com/security/notices/USN-6103-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0191-1 vom 2024-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017744.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0486-1 vom 2024-02-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0487-1 vom 2024-02-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017931.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250117-0004 vom 2025-01-17",
"url": "https://security.netapp.com/advisory/ntap-20250117-0004/"
}
],
"source_lang": "en-US",
"title": "Node.js: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-19T23:00:00.000+00:00",
"generator": {
"date": "2025-01-20T09:28:10.850+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2022-0103",
"initial_release_date": "2022-01-24T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-01-24T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-01-25T23:00:00.000+00:00",
"number": "2",
"summary": "Korrektur bzgl. betroffenem Red Hat Produkt"
},
{
"date": "2022-02-01T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-02T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-02-21T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-02-24T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-03-02T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-03-03T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2022-03-06T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-04-05T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2022-05-12T22:00:00.000+00:00",
"number": "11",
"summary": "PoC f\u00fcr CVE-2021-3807 aufgenommen"
},
{
"date": "2022-05-17T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-05-26T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-31T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-06T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-08T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-14T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-09-13T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-14T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-21T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-18T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-19T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-06T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-12-19T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2023-03-15T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-16T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-05-24T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-01-23T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-02-15T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von NetApp aufgenommen"
}
],
"status": "final",
"version": "33"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "HCL BigFix",
"product": {
"name": "HCL BigFix",
"product_id": "T017494",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:-"
}
}
},
{
"category": "product_name",
"name": "HCL Domino",
"product": {
"name": "HCL Domino",
"product_id": "777623",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:domino:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.1",
"product": {
"name": "IBM Spectrum Protect 8.1",
"product_id": "T010033",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:8.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.14",
"product": {
"name": "IBM Spectrum Protect \u003c10.1.14",
"product_id": "T026783"
}
},
{
"category": "product_version",
"name": "10.1.14",
"product": {
"name": "IBM Spectrum Protect 10.1.14",
"product_id": "T026783-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:10.1.14"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
},
{
"category": "product_name",
"name": "IBM Tivoli Netcool/OMNIbus",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus",
"product_id": "T004181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.46.3",
"product": {
"name": "JFrog Artifactory \u003c7.46.3",
"product_id": "T024764"
}
},
{
"category": "product_version",
"name": "7.46.3",
"product": {
"name": "JFrog Artifactory 7.46.3",
"product_id": "T024764-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:jfrog:artifactory:7.46.3"
}
}
}
],
"category": "product_name",
"name": "Artifactory"
}
],
"category": "vendor",
"name": "JFrog"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T032260",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Node.js",
"product": {
"name": "Open Source Node.js",
"product_id": "T017684",
"product_identification_helper": {
"cpe": "cpe:/a:nodejs:nodejs:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Node.js. Hierbei handelt es sich um eine Denial-of-Service-Schwachstelle (ReDoS) durch regul\u00e4re Ausdr\u00fccke in nodejs-ansi-regex. Ein entfernter anonymer Angreifer kann das ausnutzen, um einen Denial of Service durch eine \u00fcberm\u00e4\u00dfige CPU Nutzung zu verursachen."
}
],
"product_status": {
"known_affected": [
"67646",
"T010033",
"T032260",
"T004914",
"T017494",
"T017684",
"2951",
"T002207",
"T000126",
"T004181",
"T024764",
"777623",
"T026783"
]
},
"release_date": "2022-01-24T23:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Node.js. Die json-schema Node.JS-Bibliothek ist w\u00e4hrend der Validierung eines JSON-Objekts anf\u00e4llig f\u00fcr eine Prototyp-Pollution. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"67646",
"T010033",
"T032260",
"T004914",
"T017494",
"T017684",
"2951",
"T002207",
"T000126",
"T004181",
"T024764",
"777623",
"T026783"
]
},
"release_date": "2022-01-24T23:00:00.000+00:00",
"title": "CVE-2021-3918"
}
]
}
WID-SEC-W-2023-0809
Vulnerability from csaf_certbund - Published: 2023-03-30 22:00 - Updated: 2024-02-19 23:00Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0809 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0809 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0809"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6967283 vom 2023-03-30",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6967333 vom 2023-03-30",
"url": "https://www.ibm.com/support/pages/node/6967333"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6980799 vom 2023-04-04",
"url": "https://www.ibm.com/support/pages/node/6980799"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7108657 vom 2024-01-17",
"url": "https://www.ibm.com/support/pages/node/7108657"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-02-19T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:47:38.606+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0809",
"initial_release_date": "2023-03-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-03-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-02-19T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c User Behavior Analytics 4.1.11",
"product": {
"name": "IBM QRadar SIEM \u003c User Behavior Analytics 4.1.11",
"product_id": "T027026"
}
},
{
"category": "product_version_range",
"name": "\u003c 7.4.3 FP9",
"product": {
"name": "IBM QRadar SIEM \u003c 7.4.3 FP9",
"product_id": "T027027"
}
},
{
"category": "product_version_range",
"name": "\u003c 7.5.0 UP5",
"product": {
"name": "IBM QRadar SIEM \u003c 7.5.0 UP5",
"product_id": "T027028"
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22809",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2023-22809"
},
{
"cve": "CVE-2022-4883",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-4883"
},
{
"cve": "CVE-2022-46364",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-46364"
},
{
"cve": "CVE-2022-46363",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-46363"
},
{
"cve": "CVE-2022-45143",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-45143"
},
{
"cve": "CVE-2022-42890",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-42890"
},
{
"cve": "CVE-2022-4254",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-4254"
},
{
"cve": "CVE-2022-42252",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2022-41966",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-41966"
},
{
"cve": "CVE-2022-41946",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-41946"
},
{
"cve": "CVE-2022-41704",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-41704"
},
{
"cve": "CVE-2022-40156",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40156"
},
{
"cve": "CVE-2022-40155",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40155"
},
{
"cve": "CVE-2022-40154",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40154"
},
{
"cve": "CVE-2022-40153",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40153"
},
{
"cve": "CVE-2022-40152",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-40150",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40150"
},
{
"cve": "CVE-2022-40149",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-40149"
},
{
"cve": "CVE-2022-37603",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-37603"
},
{
"cve": "CVE-2022-37601",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-37601"
},
{
"cve": "CVE-2022-37599",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-37599"
},
{
"cve": "CVE-2022-37598",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-37598"
},
{
"cve": "CVE-2022-3676",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-3676"
},
{
"cve": "CVE-2022-36364",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-36364"
},
{
"cve": "CVE-2022-36033",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-34917",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-34917"
},
{
"cve": "CVE-2022-31197",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-31197"
},
{
"cve": "CVE-2022-31129",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-31129"
},
{
"cve": "CVE-2022-2964",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-2964"
},
{
"cve": "CVE-2022-28733",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-28733"
},
{
"cve": "CVE-2022-2795",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-2795"
},
{
"cve": "CVE-2022-25927",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-25927"
},
{
"cve": "CVE-2022-25901",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-25901"
},
{
"cve": "CVE-2022-25758",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-25758"
},
{
"cve": "CVE-2022-25647",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-25647"
},
{
"cve": "CVE-2022-24999",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-24999"
},
{
"cve": "CVE-2022-24839",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-24839"
},
{
"cve": "CVE-2022-24823",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-24785",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-24785"
},
{
"cve": "CVE-2022-23437",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-22971",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-22971"
},
{
"cve": "CVE-2022-22970",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-22970"
},
{
"cve": "CVE-2022-21724",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-21724"
},
{
"cve": "CVE-2022-21628",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-21628"
},
{
"cve": "CVE-2022-21626",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-21626"
},
{
"cve": "CVE-2022-21624",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-21624"
},
{
"cve": "CVE-2022-21619",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2022-21619"
},
{
"cve": "CVE-2021-43797",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2021-42740",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-42740"
},
{
"cve": "CVE-2021-42581",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-42581"
},
{
"cve": "CVE-2021-39227",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-39227"
},
{
"cve": "CVE-2021-3918",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-3807",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-37713",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-37713"
},
{
"cve": "CVE-2021-37712",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-37712"
},
{
"cve": "CVE-2021-37701",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-37701"
},
{
"cve": "CVE-2021-3765",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-3765"
},
{
"cve": "CVE-2021-37137",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2021-37136",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-37136"
},
{
"cve": "CVE-2021-32804",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-32803",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-29060",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-29060"
},
{
"cve": "CVE-2021-26401",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-26401"
},
{
"cve": "CVE-2021-25220",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-23450",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-23450"
},
{
"cve": "CVE-2021-23382",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-23382"
},
{
"cve": "CVE-2021-23368",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-23368"
},
{
"cve": "CVE-2021-23364",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-23364"
},
{
"cve": "CVE-2021-23362",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-23362"
},
{
"cve": "CVE-2021-23343",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-21409",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-21409"
},
{
"cve": "CVE-2021-21295",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-21295"
},
{
"cve": "CVE-2021-21290",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2021-21290"
},
{
"cve": "CVE-2020-7764",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2020-7764"
},
{
"cve": "CVE-2020-5259",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2020-5259"
},
{
"cve": "CVE-2020-24025",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2020-24025"
},
{
"cve": "CVE-2020-15366",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2020-15366"
},
{
"cve": "CVE-2020-13936",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2020-13936"
},
{
"cve": "CVE-2019-6286",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2019-6286"
},
{
"cve": "CVE-2019-6284",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2019-6284"
},
{
"cve": "CVE-2019-6283",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2019-6283"
},
{
"cve": "CVE-2019-10785",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2019-10785"
},
{
"cve": "CVE-2018-8036",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-8036"
},
{
"cve": "CVE-2018-20821",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-20821"
},
{
"cve": "CVE-2018-20190",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-20190"
},
{
"cve": "CVE-2018-19839",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-19839"
},
{
"cve": "CVE-2018-19838",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-19838"
},
{
"cve": "CVE-2018-19827",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-19827"
},
{
"cve": "CVE-2018-19797",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-19797"
},
{
"cve": "CVE-2018-15494",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-15494"
},
{
"cve": "CVE-2018-11698",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-11698"
},
{
"cve": "CVE-2018-11694",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T022954",
"74185"
]
},
"release_date": "2023-03-30T22:00:00.000+00:00",
"title": "CVE-2018-11694"
}
]
}
WID-SEC-W-2022-0607
Vulnerability from csaf_certbund - Published: 2022-07-07 22:00 - Updated: 2025-05-04 22:00Summary
Red Hat FUSE: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Fuse ist eine Open-Source-Integrationsplattform, die auf Apache Camel basiert.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat FUSE ausnutzen, um vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, einen Denial of Service Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, Daten und Informationen zu manipulieren und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Fuse ist eine Open-Source-Integrationsplattform, die auf Apache Camel basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat FUSE ausnutzen, um vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten und Informationen zu manipulieren und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0607 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0607.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0607 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0607"
},
{
"category": "external",
"summary": "RHSA-2022:5532 - Security Advisory vom 2022-07-07",
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5596 vom 2022-07-20",
"url": "https://access.redhat.com/errata/RHSA-2022:5596"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-125 vom 2022-07-28",
"url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-125/index.html"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-124 vom 2022-07-28",
"url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-124/index.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5196 vom 2022-07-31",
"url": "https://lists.debian.org/debian-security-announce/2022/msg00165.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5903 vom 2022-08-04",
"url": "https://access.redhat.com/errata/RHSA-2022:5903"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6787 vom 2022-10-04",
"url": "https://access.redhat.com/errata/RHSA-2022:6787"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6783 vom 2022-10-04",
"url": "https://access.redhat.com/errata/RHSA-2022:6783"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6782 vom 2022-10-04",
"url": "https://access.redhat.com/errata/RHSA-2022:6782"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6822 vom 2022-10-05",
"url": "https://access.redhat.com/errata/RHSA-2022:6822"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6823 vom 2022-10-05",
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6825 vom 2022-10-05",
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6821 vom 2022-10-05",
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6813 vom 2022-10-05",
"url": "https://access.redhat.com/errata/RHSA-2022:6813"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6835 vom 2022-10-06",
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20221014-0006 vom 2022-10-14",
"url": "https://security.netapp.com/advisory/ntap-20221014-0006/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6831855 vom 2022-10-26",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-14/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7177 vom 2022-10-25",
"url": "https://access.redhat.com/errata/RHSA-2022:7177"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7257 vom 2022-10-29",
"url": "https://access.redhat.com/errata/RHSA-2022:7257"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-135 vom 2022-11-01",
"url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-135/index.html"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-137 vom 2022-11-01",
"url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-137/index.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7417 vom 2022-11-03",
"url": "https://access.redhat.com/errata/RHSA-2022:7417"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7409 vom 2022-11-03",
"url": "https://access.redhat.com/errata/RHSA-2022:7409"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7411 vom 2022-11-03",
"url": "https://access.redhat.com/errata/RHSA-2022:7411"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7410 vom 2022-11-03",
"url": "https://access.redhat.com/errata/RHSA-2022:7410"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7896 vom 2022-11-09",
"url": "https://access.redhat.com/errata/RHSA-2022:7896"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8761 vom 2022-12-14",
"url": "https://access.redhat.com/errata/RHSA-2022:8761"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0272 vom 2023-02-06",
"url": "https://access.redhat.com/errata/RHSA-2023:0272"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-070 vom 2024-02-03",
"url": "https://www.dell.com/support/kbdoc/000221770/dsa-2024-="
},
{
"category": "external",
"summary": "IBM Security Bulletin 7144861 vom 2024-03-20",
"url": "https://www.ibm.com/support/pages/node/7144861"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3061 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3061"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4226 vom 2025-04-28",
"url": "https://access.redhat.com/errata/RHSA-2025:4226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4437 vom 2025-05-05",
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"source_lang": "en-US",
"title": "Red Hat FUSE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-05-04T22:00:00.000+00:00",
"generator": {
"date": "2025-05-05T08:09:20.562+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-0607",
"initial_release_date": "2022-07-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-07-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-07-19T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-28T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2022-07-31T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-08-03T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-04T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-05T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-06T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-16T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2022-10-30T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-31T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2022-11-03T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-14T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-06T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-04T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-03-20T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-27T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-28T22:00:00.000+00:00",
"number": "21",
"summary": "Red Hat JBoss Enterprise Application Platform ist ebenfalls betrroffen"
},
{
"date": "2025-05-04T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "22"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T024775",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "Plus 10.1",
"product": {
"name": "IBM Spectrum Protect Plus 10.1",
"product_id": "T015895",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "658714",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.11.0",
"product": {
"name": "Red Hat FUSE \u003c7.11.0",
"product_id": "723344"
}
},
{
"category": "product_version",
"name": "7.11.0",
"product": {
"name": "Red Hat FUSE 7.11.0",
"product_id": "723344-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:fuse:6.0.0"
}
}
}
],
"category": "product_name",
"name": "FUSE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.1.10",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.1.10",
"product_id": "T043205"
}
},
{
"category": "product_version",
"name": "7.1.10",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.1.10",
"product_id": "T043205-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.3.13",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.3.13",
"product_id": "T043288"
}
},
{
"category": "product_version",
"name": "7.3.13",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.3.13",
"product_id": "T043288-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.13"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15250",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2020-15250"
},
{
"cve": "CVE-2020-25689",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2020-25689"
},
{
"cve": "CVE-2020-29582",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2020-29582"
},
{
"cve": "CVE-2020-36518",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2020-36518"
},
{
"cve": "CVE-2020-7020",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2020-7020"
},
{
"cve": "CVE-2020-9484",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2020-9484"
},
{
"cve": "CVE-2021-22060",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-22060"
},
{
"cve": "CVE-2021-22096",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-22096"
},
{
"cve": "CVE-2021-22119",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-22119"
},
{
"cve": "CVE-2021-22569",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-22569"
},
{
"cve": "CVE-2021-22573",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-22573"
},
{
"cve": "CVE-2021-24122",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-24122"
},
{
"cve": "CVE-2021-2471",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-2471"
},
{
"cve": "CVE-2021-25122",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-25122"
},
{
"cve": "CVE-2021-25329",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-25329"
},
{
"cve": "CVE-2021-29505",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-29505"
},
{
"cve": "CVE-2021-30640",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-30640"
},
{
"cve": "CVE-2021-33037",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-33037"
},
{
"cve": "CVE-2021-33813",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-33813"
},
{
"cve": "CVE-2021-35515",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-35515"
},
{
"cve": "CVE-2021-35516",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-35516"
},
{
"cve": "CVE-2021-35517",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-35517"
},
{
"cve": "CVE-2021-36090",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-36090"
},
{
"cve": "CVE-2021-3629",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-3629"
},
{
"cve": "CVE-2021-3642",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-3642"
},
{
"cve": "CVE-2021-3644",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-3644"
},
{
"cve": "CVE-2021-3807",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-38153",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-38153"
},
{
"cve": "CVE-2021-3859",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-3859"
},
{
"cve": "CVE-2021-40690",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-40690"
},
{
"cve": "CVE-2021-41079",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-41079"
},
{
"cve": "CVE-2021-41766",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-41766"
},
{
"cve": "CVE-2021-4178",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-4178"
},
{
"cve": "CVE-2021-42340",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-42340"
},
{
"cve": "CVE-2021-42550",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-42550"
},
{
"cve": "CVE-2021-43797",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2021-43859",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2021-43859"
},
{
"cve": "CVE-2022-0084",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-0084"
},
{
"cve": "CVE-2022-1259",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-1259"
},
{
"cve": "CVE-2022-1319",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-1319"
},
{
"cve": "CVE-2022-21363",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-21363"
},
{
"cve": "CVE-2022-21724",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-21724"
},
{
"cve": "CVE-2022-22932",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22932"
},
{
"cve": "CVE-2022-22950",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22950"
},
{
"cve": "CVE-2022-22968",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22968"
},
{
"cve": "CVE-2022-22970",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22970"
},
{
"cve": "CVE-2022-22971",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22971"
},
{
"cve": "CVE-2022-22976",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22976"
},
{
"cve": "CVE-2022-22978",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-22978"
},
{
"cve": "CVE-2022-23181",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-23181"
},
{
"cve": "CVE-2022-23221",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-23221"
},
{
"cve": "CVE-2022-23596",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-23596"
},
{
"cve": "CVE-2022-23913",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-23913"
},
{
"cve": "CVE-2022-24614",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-24614"
},
{
"cve": "CVE-2022-25845",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-25845"
},
{
"cve": "CVE-2022-26336",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-26336"
},
{
"cve": "CVE-2022-26520",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-26520"
},
{
"cve": "CVE-2022-30126",
"product_status": {
"known_affected": [
"T022954",
"T014381",
"2951",
"T043205",
"67646",
"723344",
"T024775",
"658714",
"T015895",
"T017562",
"T043288"
]
},
"release_date": "2022-07-07T22:00:00.000+00:00",
"title": "CVE-2022-30126"
}
]
}
WID-SEC-W-2023-0857
Vulnerability from csaf_certbund - Published: 2022-05-24 22:00 - Updated: 2023-04-04 22:00Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, einen Denial of Service Zustand herbeizuführen, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0857 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0857.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0857 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0857"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6980799 vom 2023-04-04",
"url": "https://www.ibm.com/support/pages/node/6980799"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6589583 vom 2022-05-24",
"url": "https://www.ibm.com/support/pages/node/6589583"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6589583 vom 2022-05-24",
"url": "https://www.ibm.com/support/pages/node/6589581"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-04T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:48:07.460+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0857",
"initial_release_date": "2022-05-24T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-05-24T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15168",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2020-15168"
},
{
"cve": "CVE-2020-24025",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2020-24025"
},
{
"cve": "CVE-2020-28469",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-28498",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2020-28498"
},
{
"cve": "CVE-2020-28500",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2020-28500"
},
{
"cve": "CVE-2020-7793",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2020-7793"
},
{
"cve": "CVE-2021-23337",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-23337"
},
{
"cve": "CVE-2021-27292",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-27292"
},
{
"cve": "CVE-2021-29060",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-29060"
},
{
"cve": "CVE-2021-32803",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-33502",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-33502"
},
{
"cve": "CVE-2021-33623",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-33623"
},
{
"cve": "CVE-2021-37701",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-37701"
},
{
"cve": "CVE-2021-37712",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-37712"
},
{
"cve": "CVE-2021-37713",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-37713"
},
{
"cve": "CVE-2021-3807",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T021415"
]
},
"release_date": "2022-05-24T22:00:00.000+00:00",
"title": "CVE-2021-3807"
}
]
}
RHSA-2022:0735
Vulnerability from csaf_redhat - Published: 2022-03-03 15:19 - Updated: 2025-12-03 09:30Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes
Notes
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.4.2 General Availability
release images. This update provides security fixes, fixes bugs, and updates the container images.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/
Security updates:
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* containerd: Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)
* minio-go: user privilege escalation in AddUser() admin API (CVE-2021-43858)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* fastify-static: open redirect via an URL with double slash followed by a domain (CVE-2021-22963)
* moby: `docker cp` allows unexpected chmod of host file (CVE-2021-41089)
* moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal (CVE-2021-41091)
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* node-fetch: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)
* nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)
Bug fixes:
* Trying to create a new cluster on vSphere and no feedback, stuck in "creating" (Bugzilla #1937078)
* The hyperlink of *ks cluster node cannot be opened when I want to check the node (Bugzilla #2028100)
* Unable to make SSH connection to a Bitbucket server (Bugzilla #2028196)
* RHACM cannot deploy Helm Charts with version numbers starting with letters (e.g. v1.6.1) (Bugzilla #2028931)
* RHACM 2.4.2 images (Bugzilla #2029506)
* Git Application still appears in Application Table and Resources are Still Seen in Advanced Configuration Upon Deletion after Upgrade from 2.4.0 (Bugzilla #2030005)
* Namespace left orphaned after destroying the cluster (Bugzilla #2030379)
* The results filtered through the filter contain some data that should not be present in cluster page (Bugzilla #2034198)
* Git over ssh doesn't use custom port set in url (Bugzilla #2036057)
* The value of name label changed from clusterclaim name to cluster name (Bugzilla #2042223)
* ACM configuration policies do not handle Limitrange or Quotas values (Bugzilla #2042545)
* Cluster addons do not appear after upgrade from ACM 2.3.5 to ACM 2.3.6 (Bugzilla #2050847)
* The azure government regions were not list in the region drop down list when creating the cluster (Bugzilla #2051797)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.4.2 General Availability\nrelease images. This update provides security fixes, fixes bugs, and updates the container images.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console\u2014with security policy built in.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.\n\nThis advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/\n\nSecurity updates:\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* containerd: Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)\n\n* minio-go: user privilege escalation in AddUser() admin API (CVE-2021-43858)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* fastify-static: open redirect via an URL with double slash followed by a domain (CVE-2021-22963) \n\n* moby: `docker cp` allows unexpected chmod of host file (CVE-2021-41089)\n\n* moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal (CVE-2021-41091)\n\n* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* node-fetch: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)\n\n* nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)\n\nBug fixes:\n\n* Trying to create a new cluster on vSphere and no feedback, stuck in \"creating\" (Bugzilla #1937078)\n\n* The hyperlink of *ks cluster node cannot be opened when I want to check the node (Bugzilla #2028100)\n\n* Unable to make SSH connection to a Bitbucket server (Bugzilla #2028196)\n\n* RHACM cannot deploy Helm Charts with version numbers starting with letters (e.g. v1.6.1) (Bugzilla #2028931)\n\n* RHACM 2.4.2 images (Bugzilla #2029506)\n\n* Git Application still appears in Application Table and Resources are Still Seen in Advanced Configuration Upon Deletion after Upgrade from 2.4.0 (Bugzilla #2030005)\n\n* Namespace left orphaned after destroying the cluster (Bugzilla #2030379)\n\n* The results filtered through the filter contain some data that should not be present in cluster page (Bugzilla #2034198)\n\n* Git over ssh doesn\u0027t use custom port set in url (Bugzilla #2036057)\n\n* The value of name label changed from clusterclaim name to cluster name (Bugzilla #2042223)\n\n* ACM configuration policies do not handle Limitrange or Quotas values (Bugzilla #2042545)\n\n* Cluster addons do not appear after upgrade from ACM 2.3.5 to ACM 2.3.6 (Bugzilla #2050847)\n\n* The azure government regions were not list in the region drop down list when creating the cluster (Bugzilla #2051797)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0735",
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2001668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001668"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2008592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008592"
},
{
"category": "external",
"summary": "2012909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012909"
},
{
"category": "external",
"summary": "2015152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015152"
},
{
"category": "external",
"summary": "2023448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023448"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "2028100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028100"
},
{
"category": "external",
"summary": "2028196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028196"
},
{
"category": "external",
"summary": "2028931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028931"
},
{
"category": "external",
"summary": "2029506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029506"
},
{
"category": "external",
"summary": "2030005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030005"
},
{
"category": "external",
"summary": "2030379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030379"
},
{
"category": "external",
"summary": "2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "2032957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032957"
},
{
"category": "external",
"summary": "2034198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034198"
},
{
"category": "external",
"summary": "2036057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036057"
},
{
"category": "external",
"summary": "2036252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036252"
},
{
"category": "external",
"summary": "2039378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039378"
},
{
"category": "external",
"summary": "2041015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041015"
},
{
"category": "external",
"summary": "2042545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042545"
},
{
"category": "external",
"summary": "2043519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043519"
},
{
"category": "external",
"summary": "2044434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044434"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2050847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050847"
},
{
"category": "external",
"summary": "2051797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051797"
},
{
"category": "external",
"summary": "2052573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0735.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes",
"tracking": {
"current_release_date": "2025-12-03T09:30:23+00:00",
"generator": {
"date": "2025-12-03T09:30:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2022:0735",
"initial_release_date": "2022-03-03T15:19:13+00:00",
"revision_history": [
{
"date": "2022-03-03T15:19:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-03T15:19:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:30:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"product_id": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.4.2-82"
}
}
},
{
"category": "product_version",
"name": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"product": {
"name": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"product_id": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"product": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"product_id": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-image-service-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"product": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"product_id": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/clusterclaims-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"product": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"product": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"product": {
"name": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"product_id": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"product": {
"name": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"product_id": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.4.2-18"
}
}
},
{
"category": "product_version",
"name": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"product": {
"name": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"product_id": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.4.2-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"product": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"product_id": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"product": {
"name": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"product_id": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"product_id": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"product": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"product_id": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"product_id": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"product": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"product_id": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.4.2-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"product_id": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"product_id": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"product": {
"name": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"product_id": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"product": {
"name": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"product_id": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"product_id": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"product": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"product_id": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"product": {
"name": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"product_id": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"product": {
"name": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"product_id": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"product": {
"name": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"product_id": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"product": {
"name": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"product_id": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"product": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"product_id": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-reporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"product_id": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"product_id": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"product": {
"name": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"product_id": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"product": {
"name": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"product_id": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"product_id": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"product": {
"name": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"product_id": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"product": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"product_id": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rclone-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"product": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"product_id": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-restic-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"product": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"product_id": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"product": {
"name": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"product_id": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.4.2-9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"product_id": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.4.2-82"
}
}
},
{
"category": "product_version",
"name": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"product": {
"name": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"product_id": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"product": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"product_id": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-image-service-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"product": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"product_id": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/clusterclaims-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"product": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"product": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"product": {
"name": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"product_id": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"product": {
"name": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"product_id": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.4.2-18"
}
}
},
{
"category": "product_version",
"name": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"product": {
"name": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"product_id": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.4.2-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"product": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"product_id": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"product": {
"name": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"product_id": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"product_id": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"product": {
"name": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"product_id": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-operator-bundle\u0026tag=v2.4.2-66"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"product": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"product_id": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"product_id": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"product": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"product_id": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"product": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"product": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.4.2-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"product_id": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"product_id": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"product": {
"name": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"product_id": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"product": {
"name": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"product_id": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"product_id": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"product": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"product_id": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"product": {
"name": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"product_id": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"product": {
"name": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"product_id": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"product": {
"name": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"product_id": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"product": {
"name": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"product_id": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-agent-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"product": {
"name": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"product_id": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"product": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"product_id": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-reporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"product_id": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"product_id": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"product": {
"name": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"product_id": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"product": {
"name": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"product_id": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"product_id": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"product": {
"name": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"product_id": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"product": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"product_id": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rclone-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"product": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"product_id": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-restic-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"product": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"product_id": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"product": {
"name": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"product_id": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.4.2-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"product_id": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.4.2-82"
}
}
},
{
"category": "product_version",
"name": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"product": {
"name": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"product_id": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"product": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"product_id": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/clusterclaims-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"product": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"product": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"product": {
"name": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"product_id": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"product": {
"name": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"product_id": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.4.2-18"
}
}
},
{
"category": "product_version",
"name": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"product": {
"name": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"product_id": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.4.2-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"product": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"product_id": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"product": {
"name": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"product_id": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"product_id": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"product": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"product_id": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"product_id": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"product": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"product_id": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"product": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"product": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.4.2-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"product": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"product_id": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"product_id": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"product": {
"name": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"product_id": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"product": {
"name": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"product_id": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"product_id": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"product": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"product_id": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"product": {
"name": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"product_id": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"product": {
"name": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"product_id": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"product": {
"name": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"product_id": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"product_id": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"product_id": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"product": {
"name": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"product_id": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"product": {
"name": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"product_id": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"product_id": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"product": {
"name": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"product_id": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"product": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"product_id": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rclone-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"product": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"product_id": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-restic-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"product": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"product_id": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"product": {
"name": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"product_id": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.4.2-9"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64"
},
"product_reference": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x"
},
"product_reference": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le"
},
"product_reference": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64"
},
"product_reference": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x"
},
"product_reference": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le"
},
"product_reference": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le"
},
"product_reference": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64"
},
"product_reference": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64"
},
"product_reference": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64"
},
"product_reference": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le"
},
"product_reference": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le"
},
"product_reference": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64"
},
"product_reference": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64"
},
"product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le"
},
"product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x"
},
"product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x"
},
"product_reference": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le"
},
"product_reference": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64"
},
"product_reference": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64"
},
"product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x"
},
"product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le"
},
"product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64"
},
"product_reference": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le"
},
"product_reference": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x"
},
"product_reference": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x"
},
"product_reference": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le"
},
"product_reference": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64"
},
"product_reference": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x"
},
"product_reference": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le"
},
"product_reference": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64"
},
"product_reference": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64"
},
"product_reference": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x"
},
"product_reference": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le"
},
"product_reference": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64"
},
"product_reference": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le"
},
"product_reference": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x"
},
"product_reference": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64"
},
"product_reference": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x"
},
"product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64"
},
"product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le"
},
"product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64"
},
"product_reference": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x"
},
"product_reference": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le"
},
"product_reference": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64"
},
"product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x"
},
"product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64"
},
"product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x"
},
"product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x"
},
"product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le"
},
"product_reference": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64"
},
"product_reference": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x"
},
"product_reference": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64"
},
"product_reference": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le"
},
"product_reference": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x"
},
"product_reference": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le"
},
"product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64"
},
"product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x"
},
"product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le"
},
"product_reference": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64"
},
"product_reference": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x"
},
"product_reference": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le"
},
"product_reference": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x"
},
"product_reference": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64"
},
"product_reference": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x"
},
"product_reference": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le"
},
"product_reference": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64"
},
"product_reference": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le"
},
"product_reference": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64"
},
"product_reference": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x"
},
"product_reference": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x"
},
"product_reference": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64"
},
"product_reference": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le"
},
"product_reference": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64"
},
"product_reference": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x"
},
"product_reference": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le"
},
"product_reference": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le"
},
"product_reference": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64"
},
"product_reference": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x"
},
"product_reference": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le"
},
"product_reference": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64"
},
"product_reference": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x"
},
"product_reference": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64"
},
"product_reference": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x"
},
"product_reference": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
},
"product_reference": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22963",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2015152"
}
],
"notes": [
{
"category": "description",
"text": "A redirect vulnerability in the fastify-static module version \u003c 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fastify-static: open redirect via an URL with double slash followed by a domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22963"
},
{
"category": "external",
"summary": "RHBZ#2015152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22963",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22963"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22963",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22963"
}
],
"release_date": "2021-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fastify-static: open redirect via an URL with double slash followed by a domain"
},
{
"cve": "CVE-2021-43565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030787"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an input validation flaw in golang.org/x/crypto\u0027s readCipherPacket() function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: empty plaintext packet causes panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "go-toolset shipped with Red Hat Developer Tools - Compilers and golang shipped with Red Hat Enterprise Linux 8 are not affected by this flaw because they do not ship the vulnerable code.\n\nThis flaw was rated to have a Moderate impact because it is not shipped in the Golang standard library and thus has a reduced impact to products compared with other flaws of this type.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43565"
},
{
"category": "external",
"summary": "RHBZ#2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565"
}
],
"release_date": "2021-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto: empty plaintext packet causes panic"
},
{
"cve": "CVE-2021-43816",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2022-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044434"
}
],
"notes": [
{
"category": "description",
"text": "An incorrect permission assignment flaw was found in containerd. This flaw allows a local attacker to use a specially designed text file to read and write files outside of the container\u0027s scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containerd: Unprivileged pod may bind mount any privileged regular file on disk",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because Red Hat OpenStack Platform\u0027s director-operator does not use hostPath volumes, the RHOSP Impact has been rated Low impact and no updates will be provided at this time for its containers.\n\nIn Red Hat OpenShift Container Platform (OCP) the containerd package is not actually used, but because the containerd API is supported the core OCP components are listed as affected by this CVE and the impact is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43816"
},
{
"category": "external",
"summary": "RHBZ#2044434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43816"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c"
}
],
"release_date": "2022-01-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "containerd: Unprivileged pod may bind mount any privileged regular file on disk"
},
{
"cve": "CVE-2021-43858",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2021-12-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2036252"
}
],
"notes": [
{
"category": "description",
"text": "MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minio: user privilege escalation in AddUser() admin API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43858"
},
{
"category": "external",
"summary": "RHBZ#2036252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43858",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43858"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43858",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43858"
},
{
"category": "external",
"summary": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx",
"url": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx"
}
],
"release_date": "2021-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
},
{
"category": "workaround",
"details": "There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users.",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "minio: user privilege escalation in AddUser() admin API"
},
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-24450",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2052573"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NATS nats-server in an experimental feature that provides dynamically provisioned sandbox accounts that do not check the clients\u2019 authorization. This flaw allows an attacker to take advantage of its valid account and switch over to another existing account without further authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24450"
},
{
"category": "external",
"summary": "RHBZ#2052573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24450"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/CVE-2022-24450.txt",
"url": "https://advisories.nats.io/CVE/CVE-2022-24450.txt"
}
],
"release_date": "2022-02-07T12:40:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account"
}
]
}
RHSA-2021_5171
Vulnerability from csaf_redhat - Published: 2021-12-16 17:21 - Updated: 2024-12-17 22:54Summary
Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.13.1), nodejs-nodemon (2.0.15). (BZ#2027610)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.13.1), nodejs-nodemon (2.0.15). (BZ#2027610)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:5171",
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5171.json"
}
],
"title": "Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-17T22:54:04+00:00",
"generator": {
"date": "2024-12-17T22:54:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2021:5171",
"initial_release_date": "2021-12-16T17:21:31+00:00",
"revision_history": [
{
"date": "2021-12-16T17:21:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-16T17:21:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:54:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:16:8050020211206113934:c5368500",
"product": {
"name": "nodejs:16:8050020211206113934:c5368500",
"product_id": "nodejs:16:8050020211206113934:c5368500",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"product": {
"name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"product_id": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13548%2B45d748af?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13548%2B45d748af?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
"product_reference": "nodejs:16:8050020211206113934:c5368500",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch"
},
"product_reference": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src"
],
"known_not_affected": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
}
]
}
RHSA-2022:6449
Vulnerability from csaf_redhat - Published: 2022-09-13 09:59 - Updated: 2025-11-28 17:33Summary
Red Hat Security Advisory: nodejs:16 security and bug fix update
Notes
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)
* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)
* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)
* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)
* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs:16/nodejs: rebase to latest upstream release (BZ#2106369)
* nodejs:16/nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2111416)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)\n\n* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)\n\n* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)\n\n* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)\n\n* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs:16/nodejs: rebase to latest upstream release (BZ#2106369)\n\n* nodejs:16/nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2111416)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6449",
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "2106369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106369"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6449.json"
}
],
"title": "Red Hat Security Advisory: nodejs:16 security and bug fix update",
"tracking": {
"current_release_date": "2025-11-28T17:33:42+00:00",
"generator": {
"date": "2025-11-28T17:33:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2022:6449",
"initial_release_date": "2022-09-13T09:59:48+00:00",
"revision_history": [
{
"date": "2022-09-13T09:59:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-13T09:59:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-28T17:33:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16)",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16)",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16)",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src (nodejs:16)",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=src\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"product": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src (nodejs:16)",
"product_id": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-2.module%2Bel8.6.0%2B16240%2B7ca51420?arch=src\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src (nodejs:16)",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"product": {
"name": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch (nodejs:16)",
"product_id": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"product": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch (nodejs:16)",
"product_id": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-2.module%2Bel8.6.0%2B16240%2B7ca51420?arch=noarch\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch (nodejs:16)",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16)",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16)",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16)",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16)",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16)",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16)",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16)",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16)",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16)",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8060020220805104227:ad008a3a"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16"
},
"product_reference": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16"
},
"product_reference": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16"
},
"product_reference": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"acknowledgments": [
{
"names": [
"Axel Chong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32212",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105422"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided (for instance, 10.0.2.555 is provided), browsers (such as Firefox) will make DNS requests to the DNS server. This issue provides a vector for an attacker-controlled DNS server or a Man-in-the-middle attack (MITM) who can spoof DNS responses to perform a rebinding attack and then connect to the WebSocket debugger allowing for arbitrary code execution on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: DNS rebinding in --inspect via invalid IP addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is a bypass of CVE-2021-22884.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32212"
},
{
"category": "external",
"summary": "RHBZ#2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: DNS rebinding in --inspect via invalid IP addresses"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32213",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105430"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS), causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32213"
},
{
"category": "external",
"summary": "RHBZ#2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32214",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105428"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows an attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to improper delimiting of header fields",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32214"
},
{
"category": "external",
"summary": "RHBZ#2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to improper delimiting of header fields"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32215",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105426"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32215"
},
{
"category": "external",
"summary": "RHBZ#2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding"
},
{
"cve": "CVE-2022-33987",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2102001"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `got` package for node.js. Requested URLs are not verified and allow open redirection to a local UNIX socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As got is only a transitive dependency of a development dependency of kiali OpenShift Service Mesh as well as being removed in version 2.2+, this flaw will not be fixed at this time for the openshift-istio-kiali-rhel8-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33987"
},
{
"category": "external",
"summary": "RHBZ#2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/pull/2047",
"url": "https://github.com/sindresorhus/got/pull/2047"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/releases/tag/v11.8.5",
"url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5"
}
],
"release_date": "2022-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x::nodejs:16",
"AppStream-8.6.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets"
}
]
}
RHSA-2022_5532
Vulnerability from csaf_redhat - Published: 2022-07-07 14:19 - Updated: 2024-11-26 03:08Summary
Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update
Notes
Topic
A minor version update (from 7.10 to 7.11) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat Fuse 7.11.0 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* fastjson (CVE-2022-25845)
* jackson-databind (CVE-2020-36518)
* mysql-connector-java (CVE-2021-2471, CVE-2022-21363)
* undertow (CVE-2022-1259, CVE-2021-3629, CVE-2022-1319)
* wildfly-elytron (CVE-2021-3642)
* nodejs-ansi-regex (CVE-2021-3807, CVE-2021-3807)
* 3 qt (CVE-2021-3859)
* kubernetes-client (CVE-2021-4178)
* spring-security (CVE-2021-22119)
* protobuf-java (CVE-2021-22569)
* google-oauth-client (CVE-2021-22573)
* XStream (CVE-2021-29505, CVE-2021-43859)
* jdom (CVE-2021-33813, CVE-2021-33813)
* apache-commons-compress (CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090)
* Kafka (CVE-2021-38153)
* xml-security (CVE-2021-40690)
* logback (CVE-2021-42550)
* netty (CVE-2021-43797)
* xnio (CVE-2022-0084)
* jdbc-postgresql (CVE-2022-21724)
* spring-expression (CVE-2022-22950)
* springframework (CVE-2021-22096, CVE-2021-22060, CVE-2021-22096, CVE-2022-22976, CVE-2022-22970, CVE-2022-22971, CVE-2022-22978)
* h2 (CVE-2022-23221)
* junrar (CVE-2022-23596)
* artemis-commons (CVE-2022-23913)
* elasticsearch (CVE-2020-7020)
* tomcat (CVE-2021-24122, CVE-2021-25329, CVE-2020-9484, CVE-2021-25122, CVE-2021-33037, CVE-2021-30640, CVE-2021-41079, CVE-2021-42340, CVE-2022-23181)
* junit4 (CVE-2020-15250)
* wildfly-core (CVE-2020-25689, CVE-2021-3644)
* kotlin (CVE-2020-29582)
* karaf (CVE-2021-41766, CVE-2022-22932)
* Spring Framework (CVE-2022-22968)
* metadata-extractor (CVE-2022-24614)
* poi-scratchpad (CVE-2022-26336)
* postgresql-jdbc (CVE-2022-26520)
* tika-core (CVE-2022-30126)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 7.10 to 7.11) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Fuse 7.11.0 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* fastjson (CVE-2022-25845)\n\n* jackson-databind (CVE-2020-36518)\n\n* mysql-connector-java (CVE-2021-2471, CVE-2022-21363)\n\n* undertow (CVE-2022-1259, CVE-2021-3629, CVE-2022-1319)\n\n* wildfly-elytron (CVE-2021-3642)\n\n* nodejs-ansi-regex (CVE-2021-3807, CVE-2021-3807)\n\n* 3 qt (CVE-2021-3859)\n\n* kubernetes-client (CVE-2021-4178)\n\n* spring-security (CVE-2021-22119)\n\n* protobuf-java (CVE-2021-22569)\n\n* google-oauth-client (CVE-2021-22573)\n\n* XStream (CVE-2021-29505, CVE-2021-43859)\n\n* jdom (CVE-2021-33813, CVE-2021-33813)\n\n* apache-commons-compress (CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090)\n\n* Kafka (CVE-2021-38153)\n\n* xml-security (CVE-2021-40690)\n\n* logback (CVE-2021-42550)\n\n* netty (CVE-2021-43797)\n\n* xnio (CVE-2022-0084)\n\n* jdbc-postgresql (CVE-2022-21724)\n\n* spring-expression (CVE-2022-22950)\n\n* springframework (CVE-2021-22096, CVE-2021-22060, CVE-2021-22096, CVE-2022-22976, CVE-2022-22970, CVE-2022-22971, CVE-2022-22978)\n\n* h2 (CVE-2022-23221)\n\n* junrar (CVE-2022-23596)\n\n* artemis-commons (CVE-2022-23913)\n\n* elasticsearch (CVE-2020-7020)\n\n* tomcat (CVE-2021-24122, CVE-2021-25329, CVE-2020-9484, CVE-2021-25122, CVE-2021-33037, CVE-2021-30640, CVE-2021-41079, CVE-2021-42340, CVE-2022-23181)\n\n* junit4 (CVE-2020-15250)\n\n* wildfly-core (CVE-2020-25689, CVE-2021-3644)\n\n* kotlin (CVE-2020-29582)\n\n* karaf (CVE-2021-41766, CVE-2022-22932)\n\n* Spring Framework (CVE-2022-22968)\n\n* metadata-extractor (CVE-2022-24614)\n\n* poi-scratchpad (CVE-2022-26336)\n\n* postgresql-jdbc (CVE-2022-26520)\n\n* tika-core (CVE-2022-30126)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5532",
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.11.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.11.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/"
},
{
"category": "external",
"summary": "1838332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838332"
},
{
"category": "external",
"summary": "1887810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887810"
},
{
"category": "external",
"summary": "1893070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893070"
},
{
"category": "external",
"summary": "1893125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893125"
},
{
"category": "external",
"summary": "1917209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917209"
},
{
"category": "external",
"summary": "1930291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930291"
},
{
"category": "external",
"summary": "1934032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934032"
},
{
"category": "external",
"summary": "1934061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934061"
},
{
"category": "external",
"summary": "1966735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966735"
},
{
"category": "external",
"summary": "1973413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973413"
},
{
"category": "external",
"summary": "1976052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976052"
},
{
"category": "external",
"summary": "1977064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977064"
},
{
"category": "external",
"summary": "1977362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362"
},
{
"category": "external",
"summary": "1981407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981407"
},
{
"category": "external",
"summary": "1981533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981533"
},
{
"category": "external",
"summary": "1981544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981544"
},
{
"category": "external",
"summary": "1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "2004820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004820"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "2010378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010378"
},
{
"category": "external",
"summary": "2011190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011190"
},
{
"category": "external",
"summary": "2014356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014356"
},
{
"category": "external",
"summary": "2020583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020583"
},
{
"category": "external",
"summary": "2031958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
},
{
"category": "external",
"summary": "2033560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033560"
},
{
"category": "external",
"summary": "2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "2034584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584"
},
{
"category": "external",
"summary": "2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "2044596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044596"
},
{
"category": "external",
"summary": "2046279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046279"
},
{
"category": "external",
"summary": "2046282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046282"
},
{
"category": "external",
"summary": "2047343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
},
{
"category": "external",
"summary": "2047417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047417"
},
{
"category": "external",
"summary": "2049778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049778"
},
{
"category": "external",
"summary": "2049783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049783"
},
{
"category": "external",
"summary": "2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "2055480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055480"
},
{
"category": "external",
"summary": "2058763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058763"
},
{
"category": "external",
"summary": "2063292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063292"
},
{
"category": "external",
"summary": "2063601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
},
{
"category": "external",
"summary": "2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "2064226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2073890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
},
{
"category": "external",
"summary": "2075441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075441"
},
{
"category": "external",
"summary": "2081879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081879"
},
{
"category": "external",
"summary": "2087214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087214"
},
{
"category": "external",
"summary": "2087272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087272"
},
{
"category": "external",
"summary": "2087274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087274"
},
{
"category": "external",
"summary": "2087606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087606"
},
{
"category": "external",
"summary": "2088523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088523"
},
{
"category": "external",
"summary": "2100654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100654"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5532.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update",
"tracking": {
"current_release_date": "2024-11-26T03:08:19+00:00",
"generator": {
"date": "2024-11-26T03:08:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:5532",
"initial_release_date": "2022-07-07T14:19:49+00:00",
"revision_history": [
{
"date": "2022-07-07T14:19:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-07-07T14:19:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-26T03:08:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.11",
"product": {
"name": "Red Hat Fuse 7.11",
"product_id": "Red Hat Fuse 7.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7020",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893125"
}
],
"notes": [
{
"category": "description",
"text": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7020"
},
{
"category": "external",
"summary": "RHBZ#1893125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7020",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7020"
},
{
"category": "external",
"summary": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033",
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"category": "external",
"summary": "https://www.elastic.co/community/security/",
"url": "https://www.elastic.co/community/security/"
}
],
"release_date": "2020-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure"
},
{
"cve": "CVE-2020-9484",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1838332"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in Apache Tomcat\u0027s use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: deserialization flaw in session persistence storage leading to RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Enterprise Linux 8, Red Hat Certificate System 10 and Identity Management are using the pki-servlet-engine component, which embeds a vulnerable version of Tomcat. However, in these specific contexts, the prerequisites to the vulnerability are not met. The PersistentManager is not set, and a SecurityManager is used. The use of pki-servlet-engine outside of these contexts is not supported. As a result, the vulnerability can not be triggered in supported configurations of these products. A future update may update Tomcat in pki-servlet-engine.\n\nRed Hat Satellite do not ship Tomcat and rather use its configuration. The product is not affected because configuration does not make use of PersistanceManager or FileStore. Tomcat updates can be obtain from Red Hat Enterprise Linux (RHEL) RHSA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9484"
},
{
"category": "external",
"summary": "RHBZ#1838332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9484",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9484"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9484",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9484"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5",
"url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35",
"url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35"
}
],
"release_date": "2020-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Users may configure the PersistenceManager with an appropriate value for sessionAttributeValueClassNameFilter to ensure that only application provided attributes are serialized and deserialized. For more details about the configuration, refer to the Apache Tomcat 9 Configuration Reference https://tomcat.apache.org/tomcat-9.0-doc/config/manager.html.",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: deserialization flaw in session persistence storage leading to RCE"
},
{
"cve": "CVE-2020-15250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887810"
}
],
"notes": [
{
"category": "description",
"text": "In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system\u0027s temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "junit4: TemporaryFolder is shared between all users across system which could result in information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15250"
},
{
"category": "external",
"summary": "RHBZ#1887810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887810"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15250"
},
{
"category": "external",
"summary": "https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp",
"url": "https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp"
}
],
"release_date": "2020-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "junit4: TemporaryFolder is shared between all users across system which could result in information disclosure"
},
{
"cve": "CVE-2020-25689",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893070"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where the host-controller tries to reconnect in a loop, generating new connections that are not properly closed while unable to connect to the domain controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25689"
},
{
"category": "external",
"summary": "RHBZ#1893070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25689",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25689"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25689",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25689"
}
],
"release_date": "2020-10-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller"
},
{
"cve": "CVE-2020-29582",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"discovery_date": "2021-02-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930291"
}
],
"notes": [
{
"category": "description",
"text": "In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this vulnerability because It ships kotlin-stdlib. The vulnerable component is not in kotlin-stdlib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29582"
},
{
"category": "external",
"summary": "RHBZ#1930291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29582",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29582"
},
{
"category": "external",
"summary": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
}
],
"release_date": "2021-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure"
},
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"cve": "CVE-2021-2471",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2021-11-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2020583"
}
],
"notes": [
{
"category": "description",
"text": "MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External Entity(XXE) vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors\u0027 accessible data without any authorization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: unauthorized access to critical",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Presto component is part of the OCP Metering stack and it ships the vulnerable version of the MySQL Connector/J package. Since the release of OCP 4.6, the Metering product has been deprecated and is removed from OCP starting from 4.9 version [1], hence the affected component is marked as wontfix.\n\n[1] https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html#ocp-4-9-deprecated-removed-features",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-2471"
},
{
"category": "external",
"summary": "RHBZ#2020583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020583"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-2471",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-2471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-2471"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
}
],
"release_date": "2021-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql-connector-java: unauthorized access to critical"
},
{
"cve": "CVE-2021-3629",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1977362"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3629"
},
{
"category": "external",
"summary": "RHBZ#1977362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629"
}
],
"release_date": "2021-03-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS"
},
{
"cve": "CVE-2021-3642",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"discovery_date": "2021-06-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attack in ScramServer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3642"
},
{
"category": "external",
"summary": "RHBZ#1981407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3642"
}
],
"release_date": "2021-06-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attack in ScramServer"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-3644",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1976052"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-core: Invalid Sensitivity Classification of Vault Expression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this flaw as it does not ship the vulnerable component of wildfly.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3644"
},
{
"category": "external",
"summary": "RHBZ#1976052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3644"
}
],
"release_date": "2021-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly-core: Invalid Sensitivity Classification of Vault Expression"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3859",
"cwe": {
"id": "CWE-214",
"name": "Invocation of Process Using Visible Sensitive Information"
},
"discovery_date": "2021-09-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2010378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: client side invocation timeout raised when calling over HTTP2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3859"
},
{
"category": "external",
"summary": "RHBZ#2010378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3859",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3859"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3859",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3859"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: client side invocation timeout raised when calling over HTTP2"
},
{
"acknowledgments": [
{
"names": [
"Jordy Versmissen"
]
}
],
"cve": "CVE-2021-4178",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034388"
}
],
"notes": [
{
"category": "description",
"text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4178"
},
{
"category": "external",
"summary": "RHBZ#2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
}
],
"release_date": "2022-01-05T15:05:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
},
{
"cve": "CVE-2021-22060",
"discovery_date": "2022-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2055480"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22060"
},
{
"category": "external",
"summary": "RHBZ#2055480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22060"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)"
},
{
"cve": "CVE-2021-22096",
"discovery_date": "2021-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034584"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: malicious input leads to insertion of additional log entries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22096"
},
{
"category": "external",
"summary": "RHBZ#2034584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096"
}
],
"release_date": "2021-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "springframework: malicious input leads to insertion of additional log entries"
},
{
"cve": "CVE-2021-22119",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1977064"
}
],
"notes": [
{
"category": "description",
"text": "Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session or multiple sessions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22119"
},
{
"category": "external",
"summary": "RHBZ#1977064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977064"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22119",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22119"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22119",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22119"
}
],
"release_date": "2021-06-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request"
},
{
"cve": "CVE-2021-22569",
"cwe": {
"id": "CWE-696",
"name": "Incorrect Behavior Order"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: potential DoS in the parsing procedure for binary data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22569"
},
{
"category": "external",
"summary": "RHBZ#2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
"url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
}
],
"release_date": "2022-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: potential DoS in the parsing procedure for binary data"
},
{
"cve": "CVE-2021-22573",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2081879"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Google OAuth Java client\u0027s IDToken verifier, where it does not verify if the token is properly signed. This issue could allow an attacker to provide a compromised token with a custom payload that will pass the validation on the client side, allowing access to information outside of their prescribed permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: Token signature not verified",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22573"
},
{
"category": "external",
"summary": "RHBZ#2081879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081879"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22573"
},
{
"category": "external",
"summary": "https://github.com/googleapis/google-oauth-java-client/pull/872",
"url": "https://github.com/googleapis/google-oauth-java-client/pull/872"
}
],
"release_date": "2022-05-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google-oauth-client: Token signature not verified"
},
{
"cve": "CVE-2021-24122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1917209"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When serving resources from a network location using the NTFS file system, it was possible to bypass security constraints and view the source code for JSPs in some configurations. The root cause was the unexpected behavior of the JRE API File.getCanonicalPath(), which was caused by the inconsistent behavior of the Windows API (FindFirstFileW) in some circumstances. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information disclosure when using NTFS file system",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat OpenStack Platform\u0027s OpenDaylight, tomcat is disabled by default. Further, ODL deployments are not supported on untrusted administrator networks; even if tomcat is enabled, if random users can access it, this would be in an unsupported configuration. For this reason, the RHOSP impact has been reduced and no update will be provided at this time for the ODL tomcat package.\n\nThis flaw does not affect tomcat or pki-servlet-engine as shipped with Red Hat Enterprise Linux 6, 7, or 8 because the functionality involving FindFirstFileW() is specific to the Windows native code. Additionally, RHEL is not shipped with NTFS support.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-24122"
},
{
"category": "external",
"summary": "RHBZ#1917209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-24122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24122"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-24122",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40",
"url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40"
}
],
"release_date": "2021-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Information disclosure when using NTFS file system"
},
{
"cve": "CVE-2021-25122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1934032"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A\u0027s request. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Request mix-up with h2c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8\u0027s Identity Management and Certificate System are using a vulnerable version of Tomcat that is bundled into the `pki-servlet-engine` component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. A future update may fix the code. Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 are not affected by this flaw because HTTP/2 is not supported in the shipped version of tomcat in those packages.\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-25122"
},
{
"category": "external",
"summary": "RHBZ#1934032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-25122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25122"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25122",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25122"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43"
}
],
"release_date": "2021-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Request mix-up with h2c"
},
{
"cve": "CVE-2021-25329",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1934061"
}
],
"notes": [
{
"category": "description",
"text": "The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Enterprise Linux 8, Red Hat Certificate System 10 and Identity Management are using the `pki-servlet-engine` component, which embeds a vulnerable version of Tomcat. However, in these specific contexts, the prerequisites to the vulnerability are not met. The PersistentManager is not set, and a SecurityManager is used. The use of `pki-servlet-engine` outside of these contexts is not supported. As a result, the vulnerability can not be triggered in supported configurations of these products.\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-25329"
},
{
"category": "external",
"summary": "RHBZ#1934061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934061"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-25329",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25329"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.108",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.108"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43"
}
],
"release_date": "2021-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Users may configure the PersistenceManager with an appropriate value for sessionAttributeValueClassNameFilter to ensure that only application provided attributes are serialized and deserialized. For more details about the configuration, refer to the Apache Tomcat 9 Configuration Reference https://tomcat.apache.org/tomcat-9.0-doc/config/manager.html.",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence)"
},
{
"cve": "CVE-2021-29505",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XStream. By manipulating the processed input stream, a remote attacker may be able to obtain sufficient rights to execute commands. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "XStream: remote command execution attack by manipulating the processed input stream",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\nCodeReady Studio 12 ships a version of xstream that is affected by this flaw as a transitive dependency for the Wise framework plugin. However, the vulnerable code is not called, so this flaw has been marked as Low severity for CodeReady Studio 12.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29505"
},
{
"category": "external",
"summary": "RHBZ#1966735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29505"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29505",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29505"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc"
},
{
"category": "external",
"summary": "https://x-stream.github.io/CVE-2021-29505.html",
"url": "https://x-stream.github.io/CVE-2021-29505.html"
}
],
"release_date": "2021-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Depending on the version of XStream used there are various usage patterns that mitigate this flaw, though we would strongly recommend using the allow list approach if at all possible as there are likely more class combinations the deny list approach may not address.\n\nAllow list approach\n```java\nXStream xstream = new XStream();\nXStream.setupDefaultSecurity(xstream);\nxstream.allowTypesByWildcard(new String[] {\"com.misc.classname\"})\n```\nDeny list for XStream 1.4.16 (this should also address some previous flaws found in 1.4.7 - \u003e 1.4.15) \n```java\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\.Lazy(?:Search)?Enumeration.*\", \"(?:java|sun)\\\\.rmi\\\\..*\" });\n```\n\nDeny list for XStream 1.4.15\n```java\nxstream.denyTypes(new String[]{ \"sun.awt.datatransfer.DataTransferer$IndexOrderComparator\", \"sun.swing.SwingLazyValue\", \"com.sun.corba.se.impl.activation.ServerTableEntry\", \"com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator\" });\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\$ServiceNameIterator\", \"javafx\\\\.collections\\\\.ObservableList\\\\$.*\", \".*\\\\.bcel\\\\..*\\\\.util\\\\.ClassLoader\" });\nxstream.denyTypeHierarchy(java.io.InputStream.class );\nxstream.denyTypeHierarchy(java.nio.channels.Channel.class );\nxstream.denyTypeHierarchy(javax.activation.DataSource.class );\nxstream.denyTypeHierarchy(javax.sql.rowset.BaseRowSet.class );\n```\n\nDeny list for XStream 1.4.13\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class });\n```\n\nDeny list for XStream 1.4.7 -\u003e 1.4.12\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class, java.beans.EventHandler.class, java.lang.ProcessBuilder.class, java.lang.Void.class, void.class });\n```\n\nDeny list for versions prior to XStream 1.4.7\n```java\nxstream.registerConverter(new Converter() {\n public boolean canConvert(Class type) {\n return type != null \u0026\u0026 (type == java.beans.EventHandler.class || type == java.lang.ProcessBuilder.class || type == java.lang.Void.class || void.class || type.getName().equals(\"javax.imageio.ImageIO$ContainsFilter\") || Proxy.isProxy(type));\n }\n\n public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n\n public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n}, XStream.PRIORITY_LOW);\n```",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "XStream: remote command execution attack by manipulating the processed input stream"
},
{
"cve": "CVE-2021-30640",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981544"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: JNDI realm authentication weakness",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30640"
},
{
"category": "external",
"summary": "RHBZ#1981544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30640"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30640",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30640"
}
],
"release_date": "2021-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: JNDI realm authentication weakness"
},
{
"cve": "CVE-2021-33037",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981533"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: HTTP request smuggling when used with a reverse proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33037"
},
{
"category": "external",
"summary": "RHBZ#1981533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33037"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33037",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33037"
}
],
"release_date": "2021-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: HTTP request smuggling when used with a reverse proxy"
},
{
"cve": "CVE-2021-33813",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2021-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1973413"
}
],
"notes": [
{
"category": "description",
"text": "An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jdom: XXE allows attackers to cause a DoS via a crafted HTTP request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the hive and hadoop components that comprise the OCP metering stack, ship the vulnerable version of jdom.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nThis flaw is out of support scope for Red Hat Enterprise Linux 6 and 7. Please see the following page for more information on Red Hat Enterprise Linux support scopes: https://access.redhat.com/support/policy/updates/errata/ .\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33813"
},
{
"category": "external",
"summary": "RHBZ#1973413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33813"
}
],
"release_date": "2021-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jdom: XXE allows attackers to cause a DoS via a crafted HTTP request"
},
{
"cve": "CVE-2021-35515",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981895"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35515"
},
{
"category": "external",
"summary": "RHBZ#1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/1",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/1"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35516",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981900"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for very small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35516"
},
{
"category": "external",
"summary": "RHBZ#1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/2",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/2"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35517",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted TAR archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 TAR package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35517"
},
{
"category": "external",
"summary": "RHBZ#1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/3",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/3"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive"
},
{
"cve": "CVE-2021-36090",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981909"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 zip package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36090"
},
{
"category": "external",
"summary": "RHBZ#1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/4",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/4"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive"
},
{
"cve": "CVE-2021-38153",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2021-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2009041"
}
],
"notes": [
{
"category": "description",
"text": "Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38153"
},
{
"category": "external",
"summary": "RHBZ#2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153"
}
],
"release_date": "2021-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients"
},
{
"cve": "CVE-2021-40690",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2011190"
}
],
"notes": [
{
"category": "description",
"text": "All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the \"secureValidation\" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xml-security: XPath Transform abuse allows for information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Since OpenShift Container Platform (OCP) 4.7, the logging-elasticsearch6-container is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-40690"
},
{
"category": "external",
"summary": "RHBZ#2011190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-40690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40690"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xml-security: XPath Transform abuse allows for information disclosure"
},
{
"cve": "CVE-2021-41079",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet can trigger an infinite loop, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Infinite loop while reading an unexpected TLS packet when using OpenSSL JSSE engine",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Certificate System versions 9 and older, the version of Tomcat used is not affected by this flaw.\nIn Red Hat Certificate System 10, Tomcat is affected by this flaw. However, Tomcat is configured so that it does not use OpenSSLEngine, but the Dogtag JSS SSL implementation. As a result, the flaw can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41079"
},
{
"category": "external",
"summary": "RHBZ#2004820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41079"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.4",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.4"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.64",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.64"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.44",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.44"
}
],
"release_date": "2021-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Infinite loop while reading an unexpected TLS packet when using OpenSSL JSSE engine"
},
{
"cve": "CVE-2021-41766",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2046282"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Karaf. This issue allows monitoring of applications and the Java runtime by using the Java Management Extensions (JMX).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "karaf: insecure java deserialization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default JMX implementation is hardened against unauthenticated deserialization attacks. The implementation used by Apache Karaf is not protected against this kind of attack. The impact of Java deserialization vulnerabilities strongly depends on the classes available within the target\u0027s classpath. Generally speaking, deserialization of untrusted data does represent a high-security risk and should be prevented. In this case, it\u0027s limited to classes system scoped classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41766"
},
{
"category": "external",
"summary": "RHBZ#2046282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41766",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41766"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41766",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41766"
}
],
"release_date": "2022-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "karaf: insecure java deserialization"
},
{
"cve": "CVE-2021-42340",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014356"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections once the WebSocket connection is closed. If a sufficient number of such requests are made, an OutOfMemoryError occurs, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenStack Platform, Tomcat is provided as a component of OpenDaylight. This flaw will not receive a fix as OpenDaylight was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.\n\nRed Hat Satellite does not include the affected Apache Tomcat, however, Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42340"
},
{
"category": "external",
"summary": "RHBZ#2014356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42340"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.12",
"url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.12"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.0-M6",
"url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.0-M6"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.72",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.72"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.54",
"url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.54"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E"
}
],
"release_date": "2021-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS"
},
{
"cve": "CVE-2021-42550",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2033560"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the logback package. When using a specially-crafted configuration, this issue could allow a remote authenticated attacker to execute arbitrary code loaded from LDAP servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "logback: remote code execution through JNDI call from within its configuration file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite shipped affected versions, however, it is not vulnerable because the product doesn\u0027t meet the conditions needed to perform the attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42550"
},
{
"category": "external",
"summary": "RHBZ#2033560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033560"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42550",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42550"
},
{
"category": "external",
"summary": "http://logback.qos.ch/news.html",
"url": "http://logback.qos.ch/news.html"
},
{
"category": "external",
"summary": "https://cve.report/CVE-2021-42550",
"url": "https://cve.report/CVE-2021-42550"
},
{
"category": "external",
"summary": "https://jira.qos.ch/browse/LOGBACK-1591",
"url": "https://jira.qos.ch/browse/LOGBACK-1591"
}
],
"release_date": "2021-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "logback: remote code execution through JNDI call from within its configuration file"
},
{
"cve": "CVE-2021-43797",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031958"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: control chars in header names may lead to HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated, hence the affected components are marked as wontfix.\nThe openshift4/ose-logging-elasticsearch6 container is marked as Out of support scope because since the release of OCP 4.7 the logging functionality is delivered as an OpenShift Logging product and OCP 4.6 is already in the Maintenance Support phase.\nA fix was introduced in netty-codec-http version 4.1.72.Final.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43797"
},
{
"category": "external",
"summary": "RHBZ#2031958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq",
"url": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: control chars in header names may lead to HTTP request smuggling"
},
{
"cve": "CVE-2021-43859",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2049783"
}
],
"notes": [
{
"category": "description",
"text": "XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Injecting highly recursive collections or maps can cause a DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43859"
},
{
"category": "external",
"summary": "RHBZ#2049783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43859"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43859",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43859"
}
],
"release_date": "2022-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Injecting highly recursive collections or maps can cause a DoS"
},
{
"cve": "CVE-2022-0084",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although the CVSS stands for 7.5 score, the impact remains Moderate as it demands previous knowledge of the environment to trigger the Denial of Service (DoS)",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0084"
},
{
"category": "external",
"summary": "RHBZ#2064226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084"
}
],
"release_date": "2022-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr"
},
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-1319",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073890"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1319"
},
{
"category": "external",
"summary": "RHBZ#2073890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
}
],
"release_date": "2022-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures"
},
{
"cve": "CVE-2022-21363",
"cwe": {
"id": "CWE-280",
"name": "Improper Handling of Insufficient Permissions or Privileges "
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2047343"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21363"
},
{
"category": "external",
"summary": "RHBZ#2047343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors"
},
{
"cve": "CVE-2022-21724",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-02-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050863"
}
],
"notes": [
{
"category": "description",
"text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21724"
},
{
"category": "external",
"summary": "RHBZ#2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4",
"url": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes"
},
{
"cve": "CVE-2022-22932",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2046279"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Karaf obr:* command, where a partial path traversal issue allows a break out of the expected folder. This entry is set by the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "karaf: path traversal flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22932"
},
{
"category": "external",
"summary": "RHBZ#2046279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046279"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22932",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22932"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22932",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22932"
}
],
"release_date": "2022-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "karaf: path traversal flaws"
},
{
"cve": "CVE-2022-22950",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2069414"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-expression: Denial of service via specially crafted SpEL expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22950"
},
{
"category": "external",
"summary": "RHBZ#2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
}
],
"release_date": "2022-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-expression: Denial of service via specially crafted SpEL expression"
},
{
"cve": "CVE-2022-22968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2075441"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: Data Binding Rules Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22968"
},
{
"category": "external",
"summary": "RHBZ#2075441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075441"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22968",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22968"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22968",
"url": "https://tanzu.vmware.com/security/cve-2022-22968"
}
],
"release_date": "2022-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Framework: Data Binding Rules Vulnerability"
},
{
"cve": "CVE-2022-22970",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a denial of service (DoS) attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: DoS via data binding to multipartFile or servlet part",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22970"
},
{
"category": "external",
"summary": "RHBZ#2087272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22970",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22970"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22970",
"url": "https://tanzu.vmware.com/security/cve-2022-22970"
}
],
"release_date": "2022-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: DoS via data binding to multipartFile or servlet part"
},
{
"cve": "CVE-2022-22971",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework Applications. Applications that use STOMP over the WebSocket endpoint are vulnerable to a denial of service attack caused by an authenticated user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: DoS with STOMP over WebSocket",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22971"
},
{
"category": "external",
"summary": "RHBZ#2087274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22971"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22971",
"url": "https://tanzu.vmware.com/security/cve-2022-22971"
}
],
"release_date": "2022-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: DoS with STOMP over WebSocket"
},
{
"cve": "CVE-2022-22976",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087214"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor (31) due to an integer overflow error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: BCrypt skips salt rounds for work factor of 31",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22976"
},
{
"category": "external",
"summary": "RHBZ#2087214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22976"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22976",
"url": "https://tanzu.vmware.com/security/cve-2022-22976"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: BCrypt skips salt rounds for work factor of 31"
},
{
"cve": "CVE-2022-22978",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can bypass some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Authorization Bypass in RegexRequestMatcher",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22978"
},
{
"category": "external",
"summary": "RHBZ#2087606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22978"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22978",
"url": "https://tanzu.vmware.com/security/cve-2022-22978"
}
],
"release_date": "2022-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Authorization Bypass in RegexRequestMatcher"
},
{
"acknowledgments": [
{
"names": [
"Trung Pham"
],
"organization": "Viettel Cyber Security",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-23181",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2022-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2047417"
}
],
"notes": [
{
"category": "description",
"text": "The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: local privilege escalation vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Enterprise Linux 8, Red Hat Certificate System 10 and Identity Management are using the `pki-servlet-engine` component. This component embeds a version of Tomcat which is not affected by this flaw, as it does not include the fix for CVE-2020-9484. Additionally, in these specific contexts, the prerequisites to the vulnerability are not met. The PersistentManager is not set, and a SecurityManager is used. The use of `pki-servlet-engine` outside of these contexts is not supported.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23181"
},
{
"category": "external",
"summary": "RHBZ#2047417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047417"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23181",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23181"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9",
"url": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: local privilege escalation vulnerability"
},
{
"cve": "CVE-2022-23221",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "h2: Loading of custom classes from remote servers through JNDI",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23221"
},
{
"category": "external",
"summary": "RHBZ#2044596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23221"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-45hx-wfhj-473x",
"url": "https://github.com/advisories/GHSA-45hx-wfhj-473x"
}
],
"release_date": "2022-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "h2: Loading of custom classes from remote servers through JNDI"
},
{
"cve": "CVE-2022-23596",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2022-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2049778"
}
],
"notes": [
{
"category": "description",
"text": "Junrar is an open source java RAR archive library. In affected versions A carefully crafted RAR archive can trigger an infinite loop while extracting said archive. The impact depends solely on how the application uses the library, and whether files can be provided by malignant users. The problem is patched in 7.4.1. There are no known workarounds and users are advised to upgrade as soon as possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23596"
},
{
"category": "external",
"summary": "RHBZ#2049778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23596"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23596",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23596"
}
],
"release_date": "2022-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting"
},
{
"cve": "CVE-2022-23913",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2063601"
}
],
"notes": [
{
"category": "description",
"text": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis-commons: Apache ActiveMQ Artemis DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23913"
},
{
"category": "external",
"summary": "RHBZ#2063601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
"url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"
}
],
"release_date": "2022-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "artemis-commons: Apache ActiveMQ Artemis DoS"
},
{
"cve": "CVE-2022-24614",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-02-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2058763"
}
],
"notes": [
{
"category": "description",
"text": "When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "metadata-extractor: Out-of-memory when reading a specially crafted JPEG file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24614"
},
{
"category": "external",
"summary": "RHBZ#2058763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24614"
}
],
"release_date": "2022-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "metadata-extractor: Out-of-memory when reading a specially crafted JPEG file"
},
{
"cve": "CVE-2022-25845",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2100654"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in com.alibaba:fastjson, a fast JSON parser/generator for Java. Affected versions of this package are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fastjson: autoType shutdown restriction bypass leads to deserialization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25845"
},
{
"category": "external",
"summary": "RHBZ#2100654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25845"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222"
}
],
"release_date": "2022-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Users who can not upgrade to the fixed version may enable safeMode; this completely disables the autoType function and eliminates the vulnerability risk. [https://github.com/alibaba/fastjson/wiki/fastjson_safemode]",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fastjson: autoType shutdown restriction bypass leads to deserialization"
},
{
"cve": "CVE-2022-26336",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2063292"
}
],
"notes": [
{
"category": "description",
"text": "A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the application allows untrusted users to supply them, then a carefully crafted file can cause an Out of Memory exception. This issue affects poi-scratchpad version 5.2.0 and prior versions. Users are recommended to upgrade to poi-scratchpad 5.2.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26336"
},
{
"category": "external",
"summary": "RHBZ#2063292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26336"
}
],
"release_date": "2022-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception"
},
{
"cve": "CVE-2022-26520",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2022-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064007"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Arbitrary File Write Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat informs that although there\u0027s a difference from NVD CVSSv3 score there\u0027s a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it\u0027s needed. This require non-default configuration and also it\u0027s not expected to allow an untrusted user to perform this kind of setting.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26520"
},
{
"category": "external",
"summary": "RHBZ#2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26520"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "postgresql-jdbc: Arbitrary File Write Vulnerability"
},
{
"cve": "CVE-2022-30126",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-05-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2088523"
}
],
"notes": [
{
"category": "description",
"text": "In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tika-core: Regular Expression Denial of Service in standards extractor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30126"
},
{
"category": "external",
"summary": "RHBZ#2088523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30126"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30126",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30126"
}
],
"release_date": "2022-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tika-core: Regular Expression Denial of Service in standards extractor"
}
]
}
RHSA-2022:5483
Vulnerability from csaf_redhat - Published: 2022-07-01 09:52 - Updated: 2025-12-01 12:52Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.7.2 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.7.2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5483",
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2038898",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038898"
},
{
"category": "external",
"summary": "2040693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040693"
},
{
"category": "external",
"summary": "2040695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040695"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2048537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048537"
},
{
"category": "external",
"summary": "2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "2055658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055658"
},
{
"category": "external",
"summary": "2056962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056962"
},
{
"category": "external",
"summary": "2058172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058172"
},
{
"category": "external",
"summary": "2058529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058529"
},
{
"category": "external",
"summary": "2061335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061335"
},
{
"category": "external",
"summary": "2062266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062266"
},
{
"category": "external",
"summary": "2062862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062862"
},
{
"category": "external",
"summary": "2074675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074675"
},
{
"category": "external",
"summary": "2076593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076593"
},
{
"category": "external",
"summary": "2076599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076599"
},
{
"category": "external",
"summary": "2078459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078459"
},
{
"category": "external",
"summary": "2079252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079252"
},
{
"category": "external",
"summary": "2082221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082221"
},
{
"category": "external",
"summary": "2082225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082225"
},
{
"category": "external",
"summary": "2088022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088022"
},
{
"category": "external",
"summary": "2088026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088026"
},
{
"category": "external",
"summary": "2089126",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089126"
},
{
"category": "external",
"summary": "2089411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089411"
},
{
"category": "external",
"summary": "2089859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089859"
},
{
"category": "external",
"summary": "2090317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090317"
},
{
"category": "external",
"summary": "2096939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096939"
},
{
"category": "external",
"summary": "2100486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100486"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5483.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update",
"tracking": {
"current_release_date": "2025-12-01T12:52:05+00:00",
"generator": {
"date": "2025-12-01T12:52:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2022:5483",
"initial_release_date": "2022-07-01T09:52:30+00:00",
"revision_history": [
{
"date": "2022-07-01T09:52:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-07-01T09:52:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-01T12:52:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.7",
"product": {
"name": "8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.7.2-5"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"product": {
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"product_id": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-legacy-rhel8-operator\u0026tag=v1.7.2-19"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.7.2-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.7.2-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.7.2-18"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.7.2-19"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.7.2-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.7.2-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.7.2-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"product": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.7.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64"
},
"product_reference": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
},
"product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-01T09:52:30+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-01T09:52:30+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-0536",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-02-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053259"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0536"
},
{
"category": "external",
"summary": "RHBZ#2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536"
}
],
"release_date": "2022-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-01T09:52:30+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak"
}
]
}
RHSA-2022_0735
Vulnerability from csaf_redhat - Published: 2022-03-03 15:19 - Updated: 2024-12-17 22:54Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes
Notes
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.4.2 General Availability
release images. This update provides security fixes, fixes bugs, and updates the container images.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/
Security updates:
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* containerd: Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)
* minio-go: user privilege escalation in AddUser() admin API (CVE-2021-43858)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* fastify-static: open redirect via an URL with double slash followed by a domain (CVE-2021-22963)
* moby: `docker cp` allows unexpected chmod of host file (CVE-2021-41089)
* moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal (CVE-2021-41091)
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* node-fetch: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)
* nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)
Bug fixes:
* Trying to create a new cluster on vSphere and no feedback, stuck in "creating" (Bugzilla #1937078)
* The hyperlink of *ks cluster node cannot be opened when I want to check the node (Bugzilla #2028100)
* Unable to make SSH connection to a Bitbucket server (Bugzilla #2028196)
* RHACM cannot deploy Helm Charts with version numbers starting with letters (e.g. v1.6.1) (Bugzilla #2028931)
* RHACM 2.4.2 images (Bugzilla #2029506)
* Git Application still appears in Application Table and Resources are Still Seen in Advanced Configuration Upon Deletion after Upgrade from 2.4.0 (Bugzilla #2030005)
* Namespace left orphaned after destroying the cluster (Bugzilla #2030379)
* The results filtered through the filter contain some data that should not be present in cluster page (Bugzilla #2034198)
* Git over ssh doesn't use custom port set in url (Bugzilla #2036057)
* The value of name label changed from clusterclaim name to cluster name (Bugzilla #2042223)
* ACM configuration policies do not handle Limitrange or Quotas values (Bugzilla #2042545)
* Cluster addons do not appear after upgrade from ACM 2.3.5 to ACM 2.3.6 (Bugzilla #2050847)
* The azure government regions were not list in the region drop down list when creating the cluster (Bugzilla #2051797)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.4.2 General Availability\nrelease images. This update provides security fixes, fixes bugs, and updates the container images.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console\u2014with security policy built in.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.\n\nThis advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/\n\nSecurity updates:\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* containerd: Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)\n\n* minio-go: user privilege escalation in AddUser() admin API (CVE-2021-43858)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* fastify-static: open redirect via an URL with double slash followed by a domain (CVE-2021-22963) \n\n* moby: `docker cp` allows unexpected chmod of host file (CVE-2021-41089)\n\n* moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal (CVE-2021-41091)\n\n* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* node-fetch: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)\n\n* nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)\n\nBug fixes:\n\n* Trying to create a new cluster on vSphere and no feedback, stuck in \"creating\" (Bugzilla #1937078)\n\n* The hyperlink of *ks cluster node cannot be opened when I want to check the node (Bugzilla #2028100)\n\n* Unable to make SSH connection to a Bitbucket server (Bugzilla #2028196)\n\n* RHACM cannot deploy Helm Charts with version numbers starting with letters (e.g. v1.6.1) (Bugzilla #2028931)\n\n* RHACM 2.4.2 images (Bugzilla #2029506)\n\n* Git Application still appears in Application Table and Resources are Still Seen in Advanced Configuration Upon Deletion after Upgrade from 2.4.0 (Bugzilla #2030005)\n\n* Namespace left orphaned after destroying the cluster (Bugzilla #2030379)\n\n* The results filtered through the filter contain some data that should not be present in cluster page (Bugzilla #2034198)\n\n* Git over ssh doesn\u0027t use custom port set in url (Bugzilla #2036057)\n\n* The value of name label changed from clusterclaim name to cluster name (Bugzilla #2042223)\n\n* ACM configuration policies do not handle Limitrange or Quotas values (Bugzilla #2042545)\n\n* Cluster addons do not appear after upgrade from ACM 2.3.5 to ACM 2.3.6 (Bugzilla #2050847)\n\n* The azure government regions were not list in the region drop down list when creating the cluster (Bugzilla #2051797)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0735",
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2001668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001668"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2008592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008592"
},
{
"category": "external",
"summary": "2012909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012909"
},
{
"category": "external",
"summary": "2015152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015152"
},
{
"category": "external",
"summary": "2023448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023448"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "2028100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028100"
},
{
"category": "external",
"summary": "2028196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028196"
},
{
"category": "external",
"summary": "2028931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028931"
},
{
"category": "external",
"summary": "2029506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029506"
},
{
"category": "external",
"summary": "2030005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030005"
},
{
"category": "external",
"summary": "2030379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030379"
},
{
"category": "external",
"summary": "2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "2032957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032957"
},
{
"category": "external",
"summary": "2034198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034198"
},
{
"category": "external",
"summary": "2036057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036057"
},
{
"category": "external",
"summary": "2036252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036252"
},
{
"category": "external",
"summary": "2039378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039378"
},
{
"category": "external",
"summary": "2041015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041015"
},
{
"category": "external",
"summary": "2042545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042545"
},
{
"category": "external",
"summary": "2043519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043519"
},
{
"category": "external",
"summary": "2044434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044434"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2050847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050847"
},
{
"category": "external",
"summary": "2051797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051797"
},
{
"category": "external",
"summary": "2052573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0735.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes",
"tracking": {
"current_release_date": "2024-12-17T22:54:36+00:00",
"generator": {
"date": "2024-12-17T22:54:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:0735",
"initial_release_date": "2022-03-03T15:19:13+00:00",
"revision_history": [
{
"date": "2022-03-03T15:19:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-03T15:19:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:54:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"product_id": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.4.2-82"
}
}
},
{
"category": "product_version",
"name": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"product": {
"name": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"product_id": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"product": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"product_id": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-image-service-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"product": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"product_id": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/clusterclaims-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"product": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"product": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"product": {
"name": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"product_id": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"product": {
"name": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"product_id": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.4.2-18"
}
}
},
{
"category": "product_version",
"name": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"product": {
"name": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"product_id": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.4.2-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"product": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"product_id": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"product": {
"name": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"product_id": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"product_id": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"product": {
"name": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"product_id": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-operator-bundle\u0026tag=v2.4.2-66"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"product": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"product_id": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"product_id": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"product": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"product_id": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"product": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"product": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.4.2-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"product_id": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"product_id": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"product": {
"name": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"product_id": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"product": {
"name": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"product_id": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"product_id": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"product": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"product_id": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"product": {
"name": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"product_id": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"product": {
"name": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"product_id": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"product": {
"name": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"product_id": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"product": {
"name": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"product_id": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-agent-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"product": {
"name": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"product_id": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"product": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"product_id": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-reporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"product_id": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"product_id": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"product": {
"name": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"product_id": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"product": {
"name": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"product_id": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"product_id": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"product": {
"name": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"product_id": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"product": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"product_id": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rclone-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"product": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"product_id": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-restic-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"product": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"product_id": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"product": {
"name": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"product_id": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.4.2-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"product_id": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.4.2-82"
}
}
},
{
"category": "product_version",
"name": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"product": {
"name": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"product_id": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"product": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"product_id": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/clusterclaims-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"product": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"product": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"product": {
"name": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"product_id": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"product": {
"name": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"product_id": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.4.2-18"
}
}
},
{
"category": "product_version",
"name": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"product": {
"name": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"product_id": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.4.2-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"product": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"product_id": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"product": {
"name": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"product_id": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"product_id": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"product": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"product_id": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"product_id": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"product": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"product_id": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"product": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"product": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.4.2-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"product": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"product_id": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"product_id": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"product": {
"name": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"product_id": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"product": {
"name": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"product_id": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"product_id": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"product": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"product_id": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"product": {
"name": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"product_id": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"product": {
"name": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"product_id": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"product": {
"name": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"product_id": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"product_id": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"product_id": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"product": {
"name": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"product_id": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"product": {
"name": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"product_id": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"product_id": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"product": {
"name": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"product_id": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"product": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"product_id": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rclone-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"product": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"product_id": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-restic-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"product": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"product_id": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"product": {
"name": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"product_id": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.4.2-9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"product_id": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.4.2-82"
}
}
},
{
"category": "product_version",
"name": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"product": {
"name": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"product_id": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"product": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"product_id": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-image-service-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"product": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"product_id": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/clusterclaims-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"product": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"product": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"product": {
"name": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"product_id": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"product": {
"name": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"product_id": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.4.2-18"
}
}
},
{
"category": "product_version",
"name": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"product": {
"name": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"product_id": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.4.2-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"product": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"product_id": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"product": {
"name": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"product_id": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"product_id": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"product": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"product_id": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"product_id": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"product": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"product_id": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.4.2-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.4.2-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.4.2-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"product_id": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"product_id": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"product": {
"name": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"product_id": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"product": {
"name": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"product_id": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"product_id": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"product": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"product_id": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.4.2-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"product": {
"name": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"product_id": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"product": {
"name": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"product_id": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"product": {
"name": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"product_id": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"product": {
"name": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"product_id": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"product": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"product_id": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-reporter-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"product_id": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.4.2-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"product_id": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.4.2-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"product": {
"name": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"product_id": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.4.2-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"product": {
"name": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"product_id": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.4.2-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.4.2-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"product_id": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.4.2-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"product": {
"name": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"product_id": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"product": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"product_id": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rclone-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"product": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"product_id": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-restic-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"product": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"product_id": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-mover-rsync-rhel8\u0026tag=v2.4.2-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"product": {
"name": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"product_id": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.4.2-9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64"
},
"product_reference": "rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x"
},
"product_reference": "rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le"
},
"product_reference": "rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64"
},
"product_reference": "rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x"
},
"product_reference": "rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le"
},
"product_reference": "rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le"
},
"product_reference": "rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64"
},
"product_reference": "rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64"
},
"product_reference": "rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64"
},
"product_reference": "rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le"
},
"product_reference": "rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le"
},
"product_reference": "rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64"
},
"product_reference": "rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64"
},
"product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le"
},
"product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x"
},
"product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x"
},
"product_reference": "rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le"
},
"product_reference": "rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64"
},
"product_reference": "rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64"
},
"product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x"
},
"product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le"
},
"product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64"
},
"product_reference": "rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le"
},
"product_reference": "rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x"
},
"product_reference": "rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x"
},
"product_reference": "rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le"
},
"product_reference": "rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64"
},
"product_reference": "rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x"
},
"product_reference": "rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le"
},
"product_reference": "rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64"
},
"product_reference": "rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64"
},
"product_reference": "rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x"
},
"product_reference": "rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le"
},
"product_reference": "rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64"
},
"product_reference": "rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le"
},
"product_reference": "rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x"
},
"product_reference": "rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64"
},
"product_reference": "rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x"
},
"product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64"
},
"product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le"
},
"product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64"
},
"product_reference": "rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x"
},
"product_reference": "rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le"
},
"product_reference": "rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64"
},
"product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x"
},
"product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64"
},
"product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x"
},
"product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x"
},
"product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le"
},
"product_reference": "rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64"
},
"product_reference": "rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x"
},
"product_reference": "rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64"
},
"product_reference": "rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le"
},
"product_reference": "rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x"
},
"product_reference": "rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le"
},
"product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64"
},
"product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x"
},
"product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le"
},
"product_reference": "rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64"
},
"product_reference": "rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x"
},
"product_reference": "rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le"
},
"product_reference": "rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x"
},
"product_reference": "rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64"
},
"product_reference": "rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x"
},
"product_reference": "rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le"
},
"product_reference": "rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64"
},
"product_reference": "rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le"
},
"product_reference": "rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64"
},
"product_reference": "rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x"
},
"product_reference": "rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x"
},
"product_reference": "rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64"
},
"product_reference": "rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le"
},
"product_reference": "rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64"
},
"product_reference": "rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x"
},
"product_reference": "rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le"
},
"product_reference": "rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le"
},
"product_reference": "rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64"
},
"product_reference": "rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x"
},
"product_reference": "rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le"
},
"product_reference": "rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64"
},
"product_reference": "rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x"
},
"product_reference": "rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64"
},
"product_reference": "rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x"
},
"product_reference": "rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"relates_to_product_reference": "8Base-RHACM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8",
"product_id": "8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
},
"product_reference": "rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22963",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2015152"
}
],
"notes": [
{
"category": "description",
"text": "A redirect vulnerability in the fastify-static module version \u003c 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fastify-static: open redirect via an URL with double slash followed by a domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22963"
},
{
"category": "external",
"summary": "RHBZ#2015152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22963",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22963"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22963",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22963"
}
],
"release_date": "2021-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fastify-static: open redirect via an URL with double slash followed by a domain"
},
{
"cve": "CVE-2021-43565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030787"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an input validation flaw in golang.org/x/crypto\u0027s readCipherPacket() function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: empty plaintext packet causes panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "go-toolset shipped with Red Hat Developer Tools - Compilers and golang shipped with Red Hat Enterprise Linux 8 are not affected by this flaw because they do not ship the vulnerable code.\n\nThis flaw was rated to have a Moderate impact because it is not shipped in the Golang standard library and thus has a reduced impact to products compared with other flaws of this type.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43565"
},
{
"category": "external",
"summary": "RHBZ#2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565"
}
],
"release_date": "2021-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto: empty plaintext packet causes panic"
},
{
"cve": "CVE-2021-43816",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2022-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044434"
}
],
"notes": [
{
"category": "description",
"text": "An incorrect permission assignment flaw was found in containerd. This flaw allows a local attacker to use a specially designed text file to read and write files outside of the container\u0027s scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containerd: Unprivileged pod may bind mount any privileged regular file on disk",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because Red Hat OpenStack Platform\u0027s director-operator does not use hostPath volumes, the RHOSP Impact has been rated Low impact and no updates will be provided at this time for its containers.\n\nIn Red Hat OpenShift Container Platform (OCP) the containerd package is not actually used, but because the containerd API is supported the core OCP components are listed as affected by this CVE and the impact is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43816"
},
{
"category": "external",
"summary": "RHBZ#2044434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43816"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c"
}
],
"release_date": "2022-01-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "containerd: Unprivileged pod may bind mount any privileged regular file on disk"
},
{
"cve": "CVE-2021-43858",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2021-12-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2036252"
}
],
"notes": [
{
"category": "description",
"text": "MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minio: user privilege escalation in AddUser() admin API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43858"
},
{
"category": "external",
"summary": "RHBZ#2036252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43858",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43858"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43858",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43858"
},
{
"category": "external",
"summary": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx",
"url": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx"
}
],
"release_date": "2021-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
},
{
"category": "workaround",
"details": "There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users.",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "minio: user privilege escalation in AddUser() admin API"
},
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-24450",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2052573"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NATS nats-server in an experimental feature that provides dynamically provisioned sandbox accounts that do not check the clients\u2019 authorization. This flaw allows an attacker to take advantage of its valid account and switch over to another existing account without further authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24450"
},
{
"category": "external",
"summary": "RHBZ#2052573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24450"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/CVE-2022-24450.txt",
"url": "https://advisories.nats.io/CVE/CVE-2022-24450.txt"
}
],
"release_date": "2022-02-07T12:40:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-03-03T15:19:13+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:7ad765f7a5a74974f8f7e1bd7c7607f91c19067bcd2f5042cef99a1d91adec53_amd64",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e75f878531f55ddab73b1ba85bfd4216e9731e7530970309c98b02674f3657a6_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-grafana-rhel8@sha256:e828bec08e8f241ca9d8a5ff73c93c6cbd739971af84f992fcb3c8082f76e803_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:432fa46c31884249b7a119452cb85ade491de011eb5d838cd0b5831595d11351_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:575c94019f8f90d03ed5f79e168b6e059b3adb56ad8b1e1805541bb40ba42df1_s390x",
"8Base-RHACM-2.4:rhacm2/acm-must-gather-rhel8@sha256:891ee5829ed679b75f958d35b6a544f438f5e214b844a173c282ded1d176a7b0_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:127aeff2e13eeac87c9520ae415533810622bbe1a18555ded8eae09c5bbc8e56_amd64",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:b57d0e3d5bcb4baed92928a942323ce7bf11ee334b8d4b00948469ce04378836_ppc64le",
"8Base-RHACM-2.4:rhacm2/acm-operator-bundle@sha256:e51b856ca8caffa6b9b1a7f38bad692fbfe53cdedb787a261f5d3b2edaa4cb16_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:68e4bf785e9e7b33862c8e63c2fcf1852dc2252d3c59b9e7e73c65e142d95b16_amd64",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:6f96c92a149ab8c99da14a172fd08136d341bab7b34c3a689c13617243999525_s390x",
"8Base-RHACM-2.4:rhacm2/agent-service-rhel8@sha256:741604a600622a23298238ae77c8158a0f48a7078c1e9e11ce64e20482cc65d2_ppc64le",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:22ee444356dd999c4e5c191042835d5786f4fdfce2ec771dfac678af7f575d55_amd64",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:2b3ad388c0485e87b9450eadb24375e15d6cb6574382e5a66c4a59395a77f44f_s390x",
"8Base-RHACM-2.4:rhacm2/application-ui-rhel8@sha256:f66de61a6a86e3f29ea3efa782313a98b5a9a97ea45e6fd31c186b030ffb9e04_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:4473c90affee14d9e246542533e3667eb6107475da0c0429151cd4c0317ecf4d_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-image-service-rhel8@sha256:f329cfb7b49c76522263d25e3ed665ad4b28d2a1b72439607d1ce364c12f7dc0_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-agent-rhel8@sha256:9a2d03fae3955d22bc0238e5a7f27d41f4b7c20231dbce50d4835c2e69826645_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:513da2c261c47b697a7045b5633900a6da254297536b2bf83ea8c42ca3ff213f_amd64",
"8Base-RHACM-2.4:rhacm2/assisted-installer-reporter-rhel8@sha256:942d75d78c299ffa8f32d52150642cd8544bfca763df8d751a4da9b888702e5c_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:1f43259f4c720ea841c8e8889c83e0cd6ea46fa0d6dd1a224a57c8b1b90590c2_ppc64le",
"8Base-RHACM-2.4:rhacm2/assisted-installer-rhel8@sha256:fc704563b786d0e0a23f407dd16a445abbc51f54f73c275e59e0962240635995_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:4deb60b66fdaf7b3e38ad5abaace000aa000f51b522b7f4878d5d960651116fb_amd64",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:69556bb78f47370e306f762f29c7d871272bd0fdaa8289fb4a5582eda05014e8_ppc64le",
"8Base-RHACM-2.4:rhacm2/cert-policy-controller-rhel8@sha256:b9216c2370954d4ce43dfb21385abaaa66279eb89614673bfb764db720968f68_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:4017c8393339e5107fc5218329a689c2e4c7e655f56dffe96c17ab504b26d08e_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:89dc6255478d6fa18fe8998974b5d89899cbf57fe6ffe7182553cd2be2c0d204_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-backup-rhel8-operator@sha256:cdee6ef04071b6671c15e06874bbf52a36b12cabd156a68d21f5e471ddae763d_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ce4139f81d16457aa745524a52edbf1e6b8ef7d0614b60837017e0b646cd5e2_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:5ff884a2f10c29b50e766c4bbb1ea1d847edf498cde6203b9d61d21511d3184e_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-curator-controller-rhel8@sha256:87fb954186b7ee139e0ba6ac4f2b60bb15b6469f88b724fdc4b60e48775dc142_s390x",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:0e7a5fde528ea05aee9d3f6575aca3fe98c51208ee94a982829842a15c76c00e_amd64",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:9b2ba36a406e91d019399e63d73d3b6a648048660cc69e69c0ab90040d565047_ppc64le",
"8Base-RHACM-2.4:rhacm2/cluster-proxy-addon-rhel8@sha256:a524ecfa671ecf0fe0d994fd98abc385e18b7fa506efd5ee48147c2ffa93f8c5_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:50feca8c2c9dad687fe83b9e805b3f430fc68279165ad44d3436f3dda8762834_s390x",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:95da9b43e54025c698d1cb8957c485a5bf135c76ff1a7cdb6b4619c05483edd5_ppc64le",
"8Base-RHACM-2.4:rhacm2/clusterclaims-controller-rhel8@sha256:db9bf53ebe9ea45e328b680dfbc3634e9f05af011f387f7f2257fc7cb71445bc_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:616c8cf43cd9ecaaa775c53b407b34d12d6799741758e7d556b8a9357fee31c5_amd64",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:84b0d2a12fd8da95b9de8046f55a8b3760efafb4a1e3b62c9d09c4d1aeab238a_s390x",
"8Base-RHACM-2.4:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:94bf654601310c10ec3a0fa39cf442421b1e36130abe1e79a2bdc08776a3a922_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:2de3a7c1302b2166f1e1bd8505d8b51afd830d81af8eb4acfb4fcf96f8636fd7_ppc64le",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:7c30e45694cb07b1010eb5540060e83f0a82987eb4c0cbe3174ed336f47e539b_amd64",
"8Base-RHACM-2.4:rhacm2/config-policy-controller-rhel8@sha256:c41d0547cf72afa9b6d1dd1a8bef5124ec88da66e394c152dad733fab43be602_s390x",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:1bb83293e5ee7e529f81b38be755dfaa94a299e1dc913a9975602b93b47dc10d_amd64",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:7c75b8bc4d5e1fbaca872bcd0f6884745d7cf23de0d67cab8968bb3fb0c2034f_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-api-rhel8@sha256:be33bd9ba6528cdc9f2b8ba66afcdad938c38c455b5f279157e6ba30b22b2c1f_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:5080e1403ff72485584ec2a4d0a225c9388413c38ade3938bfac437aa522fbee_s390x",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:b3031b5a24766bd32cf61de5f45186bec27428d406081b191853e3a40e8394ac_ppc64le",
"8Base-RHACM-2.4:rhacm2/console-rhel8@sha256:e0286e91cc823a0f41d81fea5e35dc5e7653555a78a561fc29736941348c4538_amd64",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:13ee23689f50539303a66acb65d9d5b640c250e06e5d05810c436b569c2a6f8b_s390x",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:47db5d047b2f860c00d6882863900da2b8a6067decad0eeeaff2d8bc66e7d271_ppc64le",
"8Base-RHACM-2.4:rhacm2/discovery-rhel8-operator@sha256:88d7d60d1a80ee47c4a75f80dfeaf893dd45ebdabc8ae06a23813bae5251b808_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:0158b20d7b78f6471ce923eb7168dd63d22c0d02e91cbe6f5b903024bc17430c_ppc64le",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7122871acaed432069a4311f0b106133099506764c49432af2366ebbf6e735ae_amd64",
"8Base-RHACM-2.4:rhacm2/endpoint-monitoring-rhel8-operator@sha256:acbc814251061b69f568eb0b68d19fa519cd7a406c308c1a8699b7e1ef0565e3_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:278f809b3ad8d66d442d0ced24ca94a86468e51c907a9052532f00ff48ce5d34_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:84be0cb61507566717cc70637c9ce2c289c891b757327cbb5eb237308c335938_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-propagator-rhel8@sha256:a9af53cccbb6810a1d67adbbc631b7329b8840a33cc0779cc21e8f0d394504d2_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:38168cd0059800454520f7568d4efa35278bdcef28f8d2a1e4bd19242f025f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:399321a490ab61ef8184ec0ef1855b59b24082b8c6d24445a7ade5722b3969cb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-spec-sync-rhel8@sha256:d9f5d296c71f76ff20c163674a59fc6151118239c4956e2d9c9b74deec42b793_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:1e667a63da6c7f5eba63931eda41a672f234e292d9f1bc16959447513ca1fedb_amd64",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:527f35f58eb15a430fe2ab0720d3739cc5022c136463fa6ad2b38f7c9cda2d87_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-status-sync-rhel8@sha256:bf78ebefdc584acb34fd94a1faa08898d192f7df830036f905c1307e80d27c66_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:1d053e368bb99e737710d545164808c253f3e3831aad5ef2e4cf79752d76f56c_ppc64le",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:444821b02b342f6871e3c718bc5604e56e978dd6c597512211e1332ae22b649b_s390x",
"8Base-RHACM-2.4:rhacm2/governance-policy-template-sync-rhel8@sha256:744c43604f7381b650242245e3dd85a8534f6ca260c1490a628989a98e363d02_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:9896325b301ce676404def9d29e164e3e601b79693bf7c934720ac242655281b_amd64",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:a12da1a3a01a820c77b11ea3acb413935d0930cceb45c9e1444235c13ea3bb3e_ppc64le",
"8Base-RHACM-2.4:rhacm2/grafana-dashboard-loader-rhel8@sha256:ed1e2ed65250b9df127404a2f8967ce3b6618e0a45fa167c2e0f5de92c88b82f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:8318166aa2666e10829d39d9db5d8e42cdf43de57c89895debeafffdbb518189_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:e1f2bf3960db6e3d8be7b8516a667414cd5a1a7f26bfe836ad850b31874be31f_s390x",
"8Base-RHACM-2.4:rhacm2/grc-ui-api-rhel8@sha256:f07ab714918a14db3df51a35075fadb4041898b65f311d33c447dc51c6a24aea_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:4694aee10e6c0bddd3ca40eddabe0cd9c2cdb11a6d337ad927d2ee2937bce2af_amd64",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:e4fdf960685287683d70a93bb974b5be4f5bde9455b1462afd3f8d2aafdef9a0_ppc64le",
"8Base-RHACM-2.4:rhacm2/grc-ui-rhel8@sha256:f2d8b01704784b1119a40a7685141e2a1b860146a8dcb35aac62b361aa201c83_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:1d9e07c237cae889acb7933df1ebf57403156f964afabb7424bfdf5baf0b63f8_ppc64le",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:bbe2d061e4c1a0b187e5880072cb1bb4c81e636c67d858052236f577831fced1_s390x",
"8Base-RHACM-2.4:rhacm2/iam-policy-controller-rhel8@sha256:c42e1c8111480b625125b20fa60c1cc9c8426b7a68cb35cffc16a9c034bce558_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:3ab61ad4bcefc950db4710de9955beaf9f95abc19bd5ed0f0125a8b68ddf265f_amd64",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:75f165ecddbde23574cc1ad6c3c77dee90b42a898659d960cac19db88ffaa5f7_s390x",
"8Base-RHACM-2.4:rhacm2/insights-client-rhel8@sha256:cce05c2744e8499ef6a5aacd32f0313ec631dd1c27d3022416b0b08554c35895_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:3fe48e408101c09a9ab56076b06e1d44afac4132d5c8e2e57316896fab9a0302_ppc64le",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:65dc63492799715be0f601cd02b3f13ae24d0c1f88d2fae4251d3db5a401e822_amd64",
"8Base-RHACM-2.4:rhacm2/insights-metrics-rhel8@sha256:877a965fb49d48ca3beef758beadf0ea57f5701327f846547a8974879f13181f_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:04aab3265d4d73eb06e3a2e11b998c4fb2c169821c496a1d9e8a8bb4a8b521e6_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f054196bd733c5fc1eaa00679edf742788da0e517721b491acefb8ea05ad29c5_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-controller-rhel8@sha256:f48b53e9c3879329853160fb9d6cd689bc877416a8dac3abbd360ad8fdbc3e1a_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:512efdfa293a61aceddfe2bb87fe490f3cbd2f3e859ef17d9c032901a3b217d4_amd64",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:64d368988fa500dda8f895b47f66a27320af582b5ec8138b63dc386117499c00_s390x",
"8Base-RHACM-2.4:rhacm2/klusterlet-addon-rhel8-operator@sha256:d685938359a78a36f80f92a0f4d941e292084fd5a4e6cc1e167784ea3fc4b0ab_ppc64le",
"8Base-RHACM-2.4:rhacm2/klusterlet-operator-bundle@sha256:23a599d92dbb13d2287420352afba79bb8c93fecb2bc3d68955840f49e347936_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:34dc7266c114102615152f534549e38748b782a188e0081710812146c1c50f55_amd64",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:59178408ec264b84b71fb33422a48d717026a22246c463b9399ae02999140a2c_s390x",
"8Base-RHACM-2.4:rhacm2/kube-rbac-proxy-rhel8@sha256:a7d61ea53e762e466d9699fa0345dfade94126965e81716d77c7dc31195c7062_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:78d6375f8f560155a434d6277fe3ede97bbcb87ca46012db77a4677b16dfd731_ppc64le",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:b7196cd582f986a0a0bfaff9647b7c10ae68e30b0caff80cc8e66a5541a48103_s390x",
"8Base-RHACM-2.4:rhacm2/kube-state-metrics-rhel8@sha256:fcbb6e76beb327b89a2a862f569721a0839c275aeb4335414679f25d0ffd1e21_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:1d3b991c053ed24c93a95392af081a3931b2363f8eca576cc8de1a3e740b3ece_s390x",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:3011704c4abc5c58700d8ab5e00c263a0af6b5fd797ad19450b2ccc104a9b6c9_amd64",
"8Base-RHACM-2.4:rhacm2/managedcluster-import-controller-rhel8@sha256:329d05d26d20bcba02b5db10b1812ccaa239c69c0430138310073ef008a3a929_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:12ff9c1dd7a6507b5c378056bec3a2d40eb4f0282ee466376597c9ecc2abd1e7_s390x",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:cb6aad38c4e55e07499fbe505e0f2a50ac9c3159415adba3e2e3da51954e251f_ppc64le",
"8Base-RHACM-2.4:rhacm2/management-ingress-rhel8@sha256:ead4f3f9096943eb5eb07823e4697731b1827ee6b7ca7bff479a729fe177aee7_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:18f512d6987717d357af4c9a20b346daa72e729a0f9aa1fb1a09d45d058f50a2_ppc64le",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:5278e0f5454de3809c1306aba944078a705675f71993248f27dbba6337b56f80_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-exporter-rhel8@sha256:a98f2650bfc3bdcf1f1d33f494d7ce362b4813320f120ceb2ed3e6973d18049c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:4d97b9be7f952d218b181cad72be3b95a22e9449618d5a9a93cbecca44c9d69c_amd64",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:907c7777f8de539414d4d840f7114c0b3791ef3074f24345ee865965319b7967_s390x",
"8Base-RHACM-2.4:rhacm2/memcached-rhel8@sha256:ee90f9d31de42aa82d46a10d5ef663cad76bba36b1a749985282567b0d4ed2b5_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:318844339ff21d7fd88c67661755bf00931dd937ce66c589cd780443b7091471_ppc64le",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:331c4bcddb0f09043a6c33bb160f224e90954cbe8da8e18b04f7cd0781f2c3aa_s390x",
"8Base-RHACM-2.4:rhacm2/metrics-collector-rhel8@sha256:98e73275cd067e5025c7e2799d9a5f3aa6dd6733b07e61c2fc7c2092352f9c1e_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:37bd60df1bdd91a8c420558f7213d190bb210da5c1acefde17d1761c95ec53f3_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:ba2c97883b5db1fa2dc6165a35b0ee55a51cc67fca546b83277412dfd1fd8583_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-integrations-rhel8@sha256:f10f7dbaf7ea3647189866b131f6ca667e65b8899abfd78b8f82c3d7e6fdcf85_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:621b4ddc231fdd31f390ead0fe2381c700af5407732fea63085ac0982c0908c3_amd64",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:a59dbcdda14151e06b9ac2caf030614dff7e2a49d6348ff6ccb6d7670c648f63_s390x",
"8Base-RHACM-2.4:rhacm2/multicloud-manager-rhel8@sha256:fe567f4d510f0667729db2c9c505ea032400aa24f9d4c88aeccb57aa4ae547c7_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:09ab53941e221bcfc8b98bcb246bf9648859b36df4fdcfddb8f6732dc41705df_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:503176624c95c28f59c9648d0379cdcd918f8272399566fc649bb10e7a93045a_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-observability-rhel8-operator@sha256:8becdb4b7c33f6fb1ba6eb03fb197b28b27dca5906a769791e7f5a152f0dd197_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:230b8003258ba9831449a7cc242707afffbe126263a52932ea6cf581dd9eba9e_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:8ffa004351f5defc4deaa056e09ca2ec1f552f7baedcf003dfedfcd9de747430_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-application-rhel8@sha256:aae7471139dbe71eb36055c345bde76502df354dfc9adadf5ca512cc961edd7b_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:4cf4d1d8fbc661571d8baf684e9ee782920f080824594ee54571b8790622fc4f_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:e9b88db0c3c79289588cf56d528565cb0ccddecae572c526446d3a704f6571eb_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-channel-rhel8@sha256:fe43398b3d809f5ae41a99452020754e92dd4c9ccc5fe10c42cf87f2969c7ad4_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:7daf5757f87c9ac18d91b1431e5f63df74d5db777b6b79f1ed7830727e3efd35_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:9e82acf48b6741268fbd2c5849b947e4d284b48d8d7941b3917fb035bca81a3f_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-deployable-rhel8@sha256:d7222e797e9bf03320445f1d67c4d990d6e98bbf8a2fa12d82716369d4b64385_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:1dd6c8f6833f0159e197f50d9f6fe0a44b45f5ad0e8d822d5325555639e9fcb5_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b2a10e1dd6c2bfa9ee6873cfdec2b6eef5ff0234904807eadaa406da2324697d_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-placementrule-rhel8@sha256:b4029aa3b68fcf77f8ecf92179f74610c35051beac4cb4b33613885d16c1acc9_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:47f4ea10e7d8209d86a0c3af033670abe37e09f31c6275fbd2d49dc6b195eabc_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:7558fc235c97bb55d4a76cfdbfbcd589dd8b65ee2290a451d3a4fc91510915ed_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:98964af70ee368b78023b16e846aed237a9d39ef4c69182789e1c4caca662bef_s390x",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:0fb1a04cd4fa987c56e7c982548da8773c0a1e74a90cdc1b4074a0616bbfb23e_amd64",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:603b7716f8cc0190a192e00f706eb9eec967dcaf38e8e3ba0cb244eec9f72f2e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multicluster-operators-subscription-rhel8@sha256:f9cc5d3ae578c7482ab2b1694a2c25e514d6c388b9491003fa39c8a97d6be2f9_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:0d7c45874aa0f71e3dc49b56c854b9e57ace9c421b10bcac469b1489eafc564e_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:48bb59caf3bf97127a011b4a0e498cf32929d67b43295d06f285cb97b012cdf0_s390x",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-repo-rhel8@sha256:53151d32dbefd0807cceec77f1494e8a809ee9fc23fab0597020ec4d884dcb39_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:04544aac65e577a4181016e7ef5cea6ed170e215a35bbc34123405d43537ecd2_amd64",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:4dc2ff0e5310371cb0b27f446dd632820367f627bf28ebdb8de63867754ace2b_ppc64le",
"8Base-RHACM-2.4:rhacm2/multiclusterhub-rhel8@sha256:fdff61c4ff656fdc88895f7672b2a9ee0fa95bb9ff37434073e6bf9916775bca_s390x",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:19a63687bc2e949f2aeb6da5473d623511224beac95e5e694ded9f320dff2db0_ppc64le",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:30b5b59e6ac3d8aca3bd70472e981b72a5569ab2faced406d53e5f67dd80b15c_amd64",
"8Base-RHACM-2.4:rhacm2/node-exporter-rhel8@sha256:d2a48ae0c108fcec39fa0a50e382ab3bfbadca9e062275c5451dc0b1056991c1_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:0a6f9dfc21a1e8308db988b495dda28f38571f46ce8e065cc13a7027a072aff3_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:11df95efc7a15087e1474e75fb996f3a918bc58cd6f4405d279b73cde4c5b33e_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8-operator@sha256:85112920a7e980dd65b2f2936e74fdad28ea75c84ae88ce8407bf37bfedcc8cf_amd64",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:1163822f38317133be6b1c154c0244d61ab4979a9d5618c0c91c7d62103d64ba_ppc64le",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:8d0a0a9b4316b5ee3f5699174bf7fd77e563f4b609929959559a4564e3cb1f92_s390x",
"8Base-RHACM-2.4:rhacm2/observatorium-rhel8@sha256:d76859cef17f7d69906864da834cd77daf0dcb8a675a0eb02699898453b17136_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:2d6b5b8e62c04a6e555c62d1ae6965c135fa634b4053c45a1f66aa63696cdbe6_ppc64le",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:91fd85fd127bd7e06cd6880dba8da4fc8ead640b08cd858b38de5416ff385d9d_amd64",
"8Base-RHACM-2.4:rhacm2/openshift-hive-rhel8@sha256:e180852ccf1a01adac62e25aa70f95b49056c16785bd39ff17d36b497a36c63b_s390x",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:2fff636f2eb0fd663896a063dc57b98dc6350f788d3688d342b7e69a23533cf5_amd64",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:d466883a10414ce2200f33562c7f6fd1f75834fd7c5eef92e91cca1dd8ac4d28_ppc64le",
"8Base-RHACM-2.4:rhacm2/placement-rhel8@sha256:e2488ec5f12a29cab342230f815d3d84f6fbae9f5b17791483641e0657c5f9fd_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:95eebdc280082b73309514b0c843d3ca5af8bd5bcd025260ba03b1df431c5c63_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:e213cd4a1c450ca6f33bd7817564a0a7e6957e9d093053dd8bfc74cef2c2ba48_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-alertmanager-rhel8@sha256:ed1dbc8fe15d50be13446a5b0a1b0fdcaa7356a04f0f42ba4948a9056d909ac1_s390x",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:0fd7c3dc44791985a30bd0a7134658f1ce8ed42ab3523fd473a14564a7138781_amd64",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:52d01cf3755a24f804f66db45908142e9f9149751ece7430454525020ef44af1_ppc64le",
"8Base-RHACM-2.4:rhacm2/prometheus-rhel8@sha256:8474c04cd07aba71c5577f67cda5df8d4d585a55e7d68e01683c0f5841a636a3_s390x",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:48f39d14c51c84b792aae0b19e28825be32f2f3b86a5b573e603df7a70966191_ppc64le",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:54a816d27381d6081a8c521e23f14f6548f7237b6390ce7af5a33a6ada1109cf_amd64",
"8Base-RHACM-2.4:rhacm2/provider-credential-controller-rhel8@sha256:dd56fe7ae86831b2958086ffbcf77a8be02dded085d0d76e1beebbe7a2fa80c5_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:15a4d4eb35801902fcb469f5df3125afedbbd11da44ae99682efd411da0a1dd4_amd64",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:87867f8e0f2acbbeab40ac8baef6857e1abbc0c4ddd036744ce86253c80eda6e_s390x",
"8Base-RHACM-2.4:rhacm2/rbac-query-proxy-rhel8@sha256:cc4798315e6533533ae90197cf470012ee0ecee6c13b859557035e170ea002fc_ppc64le",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:3c7d3bdc064b22e390a258a976eaf0c54b0c280eb3c49064b28431dc944ca6a1_amd64",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:5fd8a5aad1dff7addbf44a9ba1a06708eeb97ee852a3a9b970653d37b4bb16bc_s390x",
"8Base-RHACM-2.4:rhacm2/redisgraph-tls-rhel8@sha256:618a015207e3113d846fc3214a953374e0b1aa2c224d56705fcb47694e25ea2d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:2e6275048beaae5b9a9e6fb074be7a8dc91d05c274f3b4e43522ceb551b5420e_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:549ef9b0b5497a56fac5dcfd47ac036f49bd9535340176e90b92cd2b3cb710b9_amd64",
"8Base-RHACM-2.4:rhacm2/registration-rhel8-operator@sha256:75447adcda257e463af0be037fe0822c1180e75e84e9438fcddb7407e7b44e8b_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:88aef2c5424835c73aa609e284daac4aa736406d243fb8e5f541d6331e7fce3d_ppc64le",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:de84252fa823ccd3c0121e8623107bc08cf2ceeef18f34d9e258d6c0fa92a055_s390x",
"8Base-RHACM-2.4:rhacm2/registration-rhel8@sha256:e39c345a1cb6694fa96342805b66b6ce2d9a63e44f96acc2e67c4b1075cdb50c_amd64",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:5087c76da0d080cdd7e29558bad42a7d00f891d788e2e12434be379f45b454fe_s390x",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:841d5debda6e04818a963a8a684847daffbd84b3fb346606afde53f8f3628d3a_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-aggregator-rhel8@sha256:c5be5782e73ca02c8a05ff7313dd0e406bbe0ecba4baaaa36aba2c0808b985d2_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:0a7285622c8307d0eb2df006ddcc7699152810cc74efd906ee2a1a350b0d67b8_amd64",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:5775992cef4e3c56588959b61af847d1d8fe6ff708116c778aad8982d20623a4_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-api-rhel8@sha256:e586fa533ae363888e3e5d5da5983dbbf8a17ec8a4dd0f517cf7ab39c99f2940_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:670e247b5ece95d80833e9f5a60f71e0720f917cdaab8e8c21c01fe585941522_s390x",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:91718e703bcf82d5105955df5335c6ef17f0c0ed4ff544e33d8f5376ff7aa81f_amd64",
"8Base-RHACM-2.4:rhacm2/search-collector-rhel8@sha256:dbe8364dca9f75ae999919f6abe650b014bccce184865bad0b136cef555992f6_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:146ef37d86e92c2d10478b026ccd6d919b4052b9844818c739cce56021fceb49_s390x",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:5da5e0eb57ac8d01155abb2996a286231be7ef1fc46a6f4455c67f443a329ebd_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-rhel8@sha256:fcaba58b8bc4adc386f9406d4214729364047b98834cb514235c3f5231bb9a0d_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:6c2acd53bce089cfbf66133f5879b3d474f682645d4ce4ded6d8894f42660330_ppc64le",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:a5819d4fdd532f55e09c0e25840739fd47876e1b49cb62bf34e4a23f344b4c80_amd64",
"8Base-RHACM-2.4:rhacm2/search-ui-rhel8@sha256:db01d92c1ba097c8698668f84611d879e1590ef138a62789a39bf533738e3111_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:0d4c93433792015f48f8ea2336f56d1d1df1540aaa9bb86ac7c6610d8ed87abd_s390x",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:3c8840694603ecf5c8e53ddf5b0c19145f153b70cc2182b99346531b046ed069_ppc64le",
"8Base-RHACM-2.4:rhacm2/submariner-addon-rhel8@sha256:afbd76e4b257abe1381af5d4a29b233590afea1241b7e64fc91034341fafb632_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:3d3aaf25a6be4e693fb9fc4475733879cd644c19425a003a4ef3e8855c2a8e14_amd64",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:c922afdb70850eab744ec405a4ab342c95c7e322fefec43fcb871f4d2663c171_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-receive-controller-rhel8@sha256:d4a02920c52ada250ca158d98aa2338e2935ddad77c9180c6bcc7f533b672a33_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:1ba956819836909bf0917f886bbef0a561c966193c5848e1edb67150c9d699c1_ppc64le",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:580aad0242160ad15d2e72e40bd7afa021268c48cfcafb2fe4c88bedcc040f2d_s390x",
"8Base-RHACM-2.4:rhacm2/thanos-rhel8@sha256:7188467efbcc7c5f83cb088379f88c83de95b318208052bf6b3a112beb21aeba_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:942056a63bc612a419b3699cb9430155512497ad64675937a25101c3165bf1ba_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:b84a6ca6fb4b092a190b6d007b509638dd064e084ba1c426d13f9d77aed45b59_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rclone-rhel8@sha256:cc049bf3a5f7486b2412414034438789186a04e6fbc1f13b74a10e8f67936f26_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:2d4b965ef6ccf203b598c77fdc314d794fe62bcb9cdaa71a153424e11df2f9d8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:5d18cbe6c398ed9fbd355a5f3561c6b3cf953e7dc3481daeb30e66095fd4d88e_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-mover-restic-rhel8@sha256:ecf221ae20494c45a693466772e2e5d50cd79b5d6842db0b46c2459631917d80_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:504a4011c86000ec5ea3be4c028f4cf2db5e63468405887f24ddd218250d9517_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:6ebdd42e350d32b035b5275b03eeef4ce5a4119969626efbd040268068e21c24_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-mover-rsync-rhel8@sha256:f101217dd0d2f0162cf536ae64c9f4dfe7aa253113f40557c68fd59d09735f00_s390x",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:32ff5a9ad7a6b067e4a0c7c2edb527fad7e6b7adf7f69e2097f462bff42e0c10_ppc64le",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:5435619ea4b628cd5a49f8a053287507c79ae5b333e0d5538e86e91967f188a8_amd64",
"8Base-RHACM-2.4:rhacm2/volsync-rhel8@sha256:a2980755825299680388c5993a7b73a42feb8388de1b7dd0272ff0636d6a5d21_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:5027c9e91252fb2a9acdc1fa78cca9945715558f13319638f1a792f712fe6e52_amd64",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:74549d1ef48636ee653416eff13fcad553c44b802fbd20e7574f829aa2768ad2_s390x",
"8Base-RHACM-2.4:rhacm2/work-rhel8@sha256:f759338a32d6abe8f3b4f51fde01603b8907aeb2ef09a17641efff1f1725acde_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account"
}
]
}
RHSA-2022_0246
Vulnerability from csaf_redhat - Published: 2022-01-25 09:28 - Updated: 2024-12-17 22:54Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027608)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027608)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0246",
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0246.json"
}
],
"title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-17T22:54:19+00:00",
"generator": {
"date": "2024-12-17T22:54:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:0246",
"initial_release_date": "2022-01-25T09:28:51+00:00",
"revision_history": [
{
"date": "2022-01-25T09:28:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T09:28:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:54:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:14:8040020211213111158:522a0ee4",
"product": {
"name": "nodejs:14:8040020211213111158:522a0ee4",
"product_id": "nodejs:14:8040020211213111158:522a0ee4",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"product": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"product_id": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.4.0%2B13503%2Bfc29810b?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.4.0%2B13503%2Bfc29810b?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
"product_reference": "nodejs:14:8040020211213111158:522a0ee4",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch"
},
"product_reference": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
RHSA-2022:4711
Vulnerability from csaf_redhat - Published: 2022-05-26 16:25 - Updated: 2025-11-21 18:31Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the \u0027of\u0027 option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:4711",
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes"
},
{
"category": "external",
"summary": "655153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655153"
},
{
"category": "external",
"summary": "977778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=977778"
},
{
"category": "external",
"summary": "1624015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1624015"
},
{
"category": "external",
"summary": "1648985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1648985"
},
{
"category": "external",
"summary": "1667517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667517"
},
{
"category": "external",
"summary": "1687845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687845"
},
{
"category": "external",
"summary": "1781241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781241"
},
{
"category": "external",
"summary": "1782056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782056"
},
{
"category": "external",
"summary": "1849169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849169"
},
{
"category": "external",
"summary": "1878930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878930"
},
{
"category": "external",
"summary": "1922977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922977"
},
{
"category": "external",
"summary": "1926625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926625"
},
{
"category": "external",
"summary": "1927985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927985"
},
{
"category": "external",
"summary": "1944290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944290"
},
{
"category": "external",
"summary": "1944834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944834"
},
{
"category": "external",
"summary": "1956295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956295"
},
{
"category": "external",
"summary": "1959186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959186"
},
{
"category": "external",
"summary": "1964208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964208"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "1971622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971622"
},
{
"category": "external",
"summary": "1974741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974741"
},
{
"category": "external",
"summary": "1979441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979441"
},
{
"category": "external",
"summary": "1979797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979797"
},
{
"category": "external",
"summary": "1980192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980192"
},
{
"category": "external",
"summary": "1986726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986726"
},
{
"category": "external",
"summary": "1986834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986834"
},
{
"category": "external",
"summary": "1987121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987121"
},
{
"category": "external",
"summary": "1988496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1988496"
},
{
"category": "external",
"summary": "1990462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990462"
},
{
"category": "external",
"summary": "1991240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991240"
},
{
"category": "external",
"summary": "1995793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995793"
},
{
"category": "external",
"summary": "1996123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996123"
},
{
"category": "external",
"summary": "1998255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998255"
},
{
"category": "external",
"summary": "1999698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999698"
},
{
"category": "external",
"summary": "2000031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000031"
},
{
"category": "external",
"summary": "2002283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002283"
},
{
"category": "external",
"summary": "2003883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003883"
},
{
"category": "external",
"summary": "2003996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003996"
},
{
"category": "external",
"summary": "2006602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006602"
},
{
"category": "external",
"summary": "2006745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006745"
},
{
"category": "external",
"summary": "2007384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007384"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2008798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008798"
},
{
"category": "external",
"summary": "2010203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010203"
},
{
"category": "external",
"summary": "2010903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010903"
},
{
"category": "external",
"summary": "2013928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013928"
},
{
"category": "external",
"summary": "2014888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014888"
},
{
"category": "external",
"summary": "2015796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015796"
},
{
"category": "external",
"summary": "2019144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019144"
},
{
"category": "external",
"summary": "2019148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019148"
},
{
"category": "external",
"summary": "2019153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019153"
},
{
"category": "external",
"summary": "2021217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021217"
},
{
"category": "external",
"summary": "2023250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023250"
},
{
"category": "external",
"summary": "2023786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023786"
},
{
"category": "external",
"summary": "2024202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024202"
},
{
"category": "external",
"summary": "2025936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025936"
},
{
"category": "external",
"summary": "2030596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030596"
},
{
"category": "external",
"summary": "2030663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030663"
},
{
"category": "external",
"summary": "2031027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031027"
},
{
"category": "external",
"summary": "2035051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035051"
},
{
"category": "external",
"summary": "2037115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037115"
},
{
"category": "external",
"summary": "2037121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037121"
},
{
"category": "external",
"summary": "2040361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040361"
},
{
"category": "external",
"summary": "2040402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040402"
},
{
"category": "external",
"summary": "2040474",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040474"
},
{
"category": "external",
"summary": "2041544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041544"
},
{
"category": "external",
"summary": "2043146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043146"
},
{
"category": "external",
"summary": "2044273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044273"
},
{
"category": "external",
"summary": "2048546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048546"
},
{
"category": "external",
"summary": "2050566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050566"
},
{
"category": "external",
"summary": "2050614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050614"
},
{
"category": "external",
"summary": "2051857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051857"
},
{
"category": "external",
"summary": "2052557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052557"
},
{
"category": "external",
"summary": "2052690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052690"
},
{
"category": "external",
"summary": "2054756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054756"
},
{
"category": "external",
"summary": "2055136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055136"
},
{
"category": "external",
"summary": "2056021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056021"
},
{
"category": "external",
"summary": "2056052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056052"
},
{
"category": "external",
"summary": "2056126",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056126"
},
{
"category": "external",
"summary": "2058264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058264"
},
{
"category": "external",
"summary": "2059521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059521"
},
{
"category": "external",
"summary": "2059877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059877"
},
{
"category": "external",
"summary": "2061904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061904"
},
{
"category": "external",
"summary": "2065052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065052"
},
{
"category": "external",
"summary": "2066084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066084"
},
{
"category": "external",
"summary": "2066283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066283"
},
{
"category": "external",
"summary": "2069972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069972"
},
{
"category": "external",
"summary": "2070156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070156"
},
{
"category": "external",
"summary": "2071468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071468"
},
{
"category": "external",
"summary": "2072637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072637"
},
{
"category": "external",
"summary": "2072639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072639"
},
{
"category": "external",
"summary": "2072641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072641"
},
{
"category": "external",
"summary": "2072642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072642"
},
{
"category": "external",
"summary": "2072645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072645"
},
{
"category": "external",
"summary": "2072646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072646"
},
{
"category": "external",
"summary": "2075352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075352"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json"
}
],
"title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update",
"tracking": {
"current_release_date": "2025-11-21T18:31:13+00:00",
"generator": {
"date": "2025-11-21T18:31:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:4711",
"initial_release_date": "2022-05-26T16:25:03+00:00",
"revision_history": [
{
"date": "2022-05-26T16:25:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-26T16:25:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:31:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product": {
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.4:el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"product": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"product_id": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"product": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"product_id": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"product_id": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "engine-db-query-0:1.6.4-1.el8ev.src",
"product": {
"name": "engine-db-query-0:1.6.4-1.el8ev.src",
"product_id": "engine-db-query-0:1.6.4-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"product": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"product_id": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"product": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"product_id": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"product": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"product_id": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"product": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"product_id": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"product": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"product_id": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"product": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"product_id": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"product": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"product_id": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:2.1.3-1.el8ev.src",
"product": {
"name": "ansible-runner-0:2.1.3-1.el8ev.src",
"product_id": "ansible-runner-0:2.1.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"product": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"product_id": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"product": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"product_id": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"product": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"product_id": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"product_id": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"product": {
"name": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"product_id": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"product": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"product_id": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"product": {
"name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"product_id": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.1-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"product": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"product_id": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"product": {
"name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"product_id": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-sshd-javadoc@2.8.0-0.1.el8ev?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"product": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"product_id": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"product": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"product_id": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"product": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"product_id": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"product_id": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"product": {
"name": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_id": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"product": {
"name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_id": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python38-ansible-runner@2.1.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-backend@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"product": {
"name": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"product_id": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python38-docutils@0.14-12.4.el8ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch"
},
"product_reference": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:2.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src"
},
"product_reference": "ansible-runner-0:2.1.3-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch"
},
"product_reference": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src"
},
"product_reference": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch"
},
"product_reference": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "engine-db-query-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch"
},
"product_reference": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "engine-db-query-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src"
},
"product_reference": "engine-db-query-0:1.6.4-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch"
},
"product_reference": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src"
},
"product_reference": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src"
},
"product_reference": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src"
},
"product_reference": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src"
},
"product_reference": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch"
},
"product_reference": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src"
},
"product_reference": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch"
},
"product_reference": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
},
"product_reference": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch"
},
"product_reference": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-docutils-0:0.14-12.4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch"
},
"product_reference": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch"
},
"product_reference": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src"
},
"product_reference": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch"
},
"product_reference": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src"
},
"product_reference": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch"
},
"product_reference": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src"
},
"product_reference": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
},
"product_reference": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-23425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995793"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-trim-off-newlines: ReDoS via string processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Directory Server 11 Web UI requires trim-off-newlines as a dependency, but it is not used in the 389-ds cockpit plugin, and not shipped as part of the RPM binary. Thus Red Hat Directory Server 11 is not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23425"
},
{
"category": "external",
"summary": "RHBZ#1995793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23425"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850",
"url": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850"
}
],
"release_date": "2021-05-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-trim-off-newlines: ReDoS via string processing"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2021-41182",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019144"
}
],
"notes": [
{
"category": "description",
"text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery-ui: XSS in the altField option of the datepicker widget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41182"
},
{
"category": "external",
"summary": "RHBZ#2019144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41182"
}
],
"release_date": "2021-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery-ui: XSS in the altField option of the datepicker widget"
},
{
"cve": "CVE-2021-41183",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019148"
}
],
"notes": [
{
"category": "description",
"text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery-ui: XSS in *Text options of the datepicker widget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41183"
},
{
"category": "external",
"summary": "RHBZ#2019148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019148"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41183"
}
],
"release_date": "2021-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery-ui: XSS in *Text options of the datepicker widget"
},
{
"cve": "CVE-2021-41184",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019153"
}
],
"notes": [
{
"category": "description",
"text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery-ui: XSS in the \u0027of\u0027 option of the .position() util",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41184"
},
{
"category": "external",
"summary": "RHBZ#2019153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184"
}
],
"release_date": "2021-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery-ui: XSS in the \u0027of\u0027 option of the .position() util"
}
]
}
RHSA-2022_4814
Vulnerability from csaf_redhat - Published: 2022-05-31 09:48 - Updated: 2024-12-17 21:57Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.6.5 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.6.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:4814",
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2057579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057579"
},
{
"category": "external",
"summary": "2072311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072311"
},
{
"category": "external",
"summary": "2074044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074044"
},
{
"category": "external",
"summary": "2074553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4814.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-17T21:57:25+00:00",
"generator": {
"date": "2024-12-17T21:57:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:4814",
"initial_release_date": "2022-05-31T09:48:42+00:00",
"revision_history": [
{
"date": "2022-05-31T09:48:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-31T09:48:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T21:57:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.6",
"product": {
"name": "8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.6.5-5"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.6.5-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.6.5-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.6.5-14"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.6.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.6.5-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.6.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
},
"product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-31T09:48:42+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-31T09:48:42+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
RHSA-2022_4711
Vulnerability from csaf_redhat - Published: 2022-05-26 16:25 - Updated: 2024-11-22 21:43Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the \u0027of\u0027 option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:4711",
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes"
},
{
"category": "external",
"summary": "655153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655153"
},
{
"category": "external",
"summary": "977778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=977778"
},
{
"category": "external",
"summary": "1624015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1624015"
},
{
"category": "external",
"summary": "1648985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1648985"
},
{
"category": "external",
"summary": "1667517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667517"
},
{
"category": "external",
"summary": "1687845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687845"
},
{
"category": "external",
"summary": "1781241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781241"
},
{
"category": "external",
"summary": "1782056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782056"
},
{
"category": "external",
"summary": "1849169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849169"
},
{
"category": "external",
"summary": "1878930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878930"
},
{
"category": "external",
"summary": "1922977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922977"
},
{
"category": "external",
"summary": "1926625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926625"
},
{
"category": "external",
"summary": "1927985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927985"
},
{
"category": "external",
"summary": "1944290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944290"
},
{
"category": "external",
"summary": "1944834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944834"
},
{
"category": "external",
"summary": "1956295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956295"
},
{
"category": "external",
"summary": "1959186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959186"
},
{
"category": "external",
"summary": "1964208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964208"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "1971622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971622"
},
{
"category": "external",
"summary": "1974741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974741"
},
{
"category": "external",
"summary": "1979441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979441"
},
{
"category": "external",
"summary": "1979797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979797"
},
{
"category": "external",
"summary": "1980192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980192"
},
{
"category": "external",
"summary": "1986726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986726"
},
{
"category": "external",
"summary": "1986834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986834"
},
{
"category": "external",
"summary": "1987121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987121"
},
{
"category": "external",
"summary": "1988496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1988496"
},
{
"category": "external",
"summary": "1990462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990462"
},
{
"category": "external",
"summary": "1991240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991240"
},
{
"category": "external",
"summary": "1995793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995793"
},
{
"category": "external",
"summary": "1996123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996123"
},
{
"category": "external",
"summary": "1998255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998255"
},
{
"category": "external",
"summary": "1999698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999698"
},
{
"category": "external",
"summary": "2000031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000031"
},
{
"category": "external",
"summary": "2002283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002283"
},
{
"category": "external",
"summary": "2003883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003883"
},
{
"category": "external",
"summary": "2003996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003996"
},
{
"category": "external",
"summary": "2006602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006602"
},
{
"category": "external",
"summary": "2006745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006745"
},
{
"category": "external",
"summary": "2007384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007384"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2008798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008798"
},
{
"category": "external",
"summary": "2010203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010203"
},
{
"category": "external",
"summary": "2010903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010903"
},
{
"category": "external",
"summary": "2013928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013928"
},
{
"category": "external",
"summary": "2014888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014888"
},
{
"category": "external",
"summary": "2015796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015796"
},
{
"category": "external",
"summary": "2019144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019144"
},
{
"category": "external",
"summary": "2019148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019148"
},
{
"category": "external",
"summary": "2019153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019153"
},
{
"category": "external",
"summary": "2021217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021217"
},
{
"category": "external",
"summary": "2023250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023250"
},
{
"category": "external",
"summary": "2023786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023786"
},
{
"category": "external",
"summary": "2024202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024202"
},
{
"category": "external",
"summary": "2025936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025936"
},
{
"category": "external",
"summary": "2030596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030596"
},
{
"category": "external",
"summary": "2030663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030663"
},
{
"category": "external",
"summary": "2031027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031027"
},
{
"category": "external",
"summary": "2035051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035051"
},
{
"category": "external",
"summary": "2037115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037115"
},
{
"category": "external",
"summary": "2037121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037121"
},
{
"category": "external",
"summary": "2040361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040361"
},
{
"category": "external",
"summary": "2040402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040402"
},
{
"category": "external",
"summary": "2040474",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040474"
},
{
"category": "external",
"summary": "2041544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041544"
},
{
"category": "external",
"summary": "2043146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043146"
},
{
"category": "external",
"summary": "2044273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044273"
},
{
"category": "external",
"summary": "2048546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048546"
},
{
"category": "external",
"summary": "2050566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050566"
},
{
"category": "external",
"summary": "2050614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050614"
},
{
"category": "external",
"summary": "2051857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051857"
},
{
"category": "external",
"summary": "2052557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052557"
},
{
"category": "external",
"summary": "2052690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052690"
},
{
"category": "external",
"summary": "2054756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054756"
},
{
"category": "external",
"summary": "2055136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055136"
},
{
"category": "external",
"summary": "2056021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056021"
},
{
"category": "external",
"summary": "2056052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056052"
},
{
"category": "external",
"summary": "2056126",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056126"
},
{
"category": "external",
"summary": "2058264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058264"
},
{
"category": "external",
"summary": "2059521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059521"
},
{
"category": "external",
"summary": "2059877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059877"
},
{
"category": "external",
"summary": "2061904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061904"
},
{
"category": "external",
"summary": "2065052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065052"
},
{
"category": "external",
"summary": "2066084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066084"
},
{
"category": "external",
"summary": "2066283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066283"
},
{
"category": "external",
"summary": "2069972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069972"
},
{
"category": "external",
"summary": "2070156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070156"
},
{
"category": "external",
"summary": "2071468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071468"
},
{
"category": "external",
"summary": "2072637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072637"
},
{
"category": "external",
"summary": "2072639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072639"
},
{
"category": "external",
"summary": "2072641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072641"
},
{
"category": "external",
"summary": "2072642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072642"
},
{
"category": "external",
"summary": "2072645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072645"
},
{
"category": "external",
"summary": "2072646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072646"
},
{
"category": "external",
"summary": "2075352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075352"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json"
}
],
"title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update",
"tracking": {
"current_release_date": "2024-11-22T21:43:43+00:00",
"generator": {
"date": "2024-11-22T21:43:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:4711",
"initial_release_date": "2022-05-26T16:25:03+00:00",
"revision_history": [
{
"date": "2022-05-26T16:25:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-26T16:25:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:43:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product": {
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.4:el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"product": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"product_id": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"product": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"product_id": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"product_id": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "engine-db-query-0:1.6.4-1.el8ev.src",
"product": {
"name": "engine-db-query-0:1.6.4-1.el8ev.src",
"product_id": "engine-db-query-0:1.6.4-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"product": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"product_id": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"product": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"product_id": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"product": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"product_id": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"product": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"product_id": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"product": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"product_id": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"product": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"product_id": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"product": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"product_id": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:2.1.3-1.el8ev.src",
"product": {
"name": "ansible-runner-0:2.1.3-1.el8ev.src",
"product_id": "ansible-runner-0:2.1.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"product": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"product_id": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"product": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"product_id": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"product": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"product_id": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"product_id": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"product": {
"name": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"product_id": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"product": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"product_id": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"product": {
"name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"product_id": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.1-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"product": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"product_id": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"product": {
"name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"product_id": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-sshd-javadoc@2.8.0-0.1.el8ev?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"product": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"product_id": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"product": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"product_id": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"product": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"product_id": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"product_id": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"product": {
"name": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_id": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"product": {
"name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_id": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python38-ansible-runner@2.1.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-backend@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"product": {
"name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"product_id": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm@4.5.0.7-0.9.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"product": {
"name": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"product_id": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python38-docutils@0.14-12.4.el8ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch"
},
"product_reference": "ansible-runner-0:2.1.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:2.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src"
},
"product_reference": "ansible-runner-0:2.1.3-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch"
},
"product_reference": "apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-sshd-1:2.8.0-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src"
},
"product_reference": "apache-sshd-1:2.8.0-0.1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch"
},
"product_reference": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "engine-db-query-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch"
},
"product_reference": "engine-db-query-0:1.6.4-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "engine-db-query-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src"
},
"product_reference": "engine-db-query-0:1.6.4-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch"
},
"product_reference": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src"
},
"product_reference": "ovirt-dependencies-0:4.5.1-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src"
},
"product_reference": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src"
},
"product_reference": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src"
},
"product_reference": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch"
},
"product_reference": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src"
},
"product_reference": "ovirt-log-collector-0:4.4.5-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch"
},
"product_reference": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.8.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
},
"product_reference": "ovirt-web-ui-0:1.8.1-2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch"
},
"product_reference": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-docutils-0:0.14-12.4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch"
},
"product_reference": "python38-docutils-0:0.14-12.4.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
},
"product_reference": "rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch"
},
"product_reference": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src"
},
"product_reference": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch"
},
"product_reference": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src"
},
"product_reference": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch"
},
"product_reference": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src"
},
"product_reference": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
},
"product_reference": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-23425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995793"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-trim-off-newlines: ReDoS via string processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Directory Server 11 Web UI requires trim-off-newlines as a dependency, but it is not used in the 389-ds cockpit plugin, and not shipped as part of the RPM binary. Thus Red Hat Directory Server 11 is not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23425"
},
{
"category": "external",
"summary": "RHBZ#1995793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23425"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850",
"url": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850"
}
],
"release_date": "2021-05-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-trim-off-newlines: ReDoS via string processing"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2021-41182",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019144"
}
],
"notes": [
{
"category": "description",
"text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery-ui: XSS in the altField option of the datepicker widget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41182"
},
{
"category": "external",
"summary": "RHBZ#2019144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41182"
}
],
"release_date": "2021-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery-ui: XSS in the altField option of the datepicker widget"
},
{
"cve": "CVE-2021-41183",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019148"
}
],
"notes": [
{
"category": "description",
"text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery-ui: XSS in *Text options of the datepicker widget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41183"
},
{
"category": "external",
"summary": "RHBZ#2019148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019148"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41183"
}
],
"release_date": "2021-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery-ui: XSS in *Text options of the datepicker widget"
},
{
"cve": "CVE-2021-41184",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019153"
}
],
"notes": [
{
"category": "description",
"text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery-ui: XSS in the \u0027of\u0027 option of the .position() util",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src",
"8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src",
"8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41184"
},
{
"category": "external",
"summary": "RHBZ#2019153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184"
}
],
"release_date": "2021-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-26T16:25:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery-ui: XSS in the \u0027of\u0027 option of the .position() util"
}
]
}
RHSA-2022_6449
Vulnerability from csaf_redhat - Published: 2022-09-13 09:59 - Updated: 2024-12-10 17:37Summary
Red Hat Security Advisory: nodejs:16 security and bug fix update
Notes
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)
* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)
* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)
* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)
* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs:16/nodejs: rebase to latest upstream release (BZ#2106369)
* nodejs:16/nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2111416)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)\n\n* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)\n\n* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)\n\n* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)\n\n* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs:16/nodejs: rebase to latest upstream release (BZ#2106369)\n\n* nodejs:16/nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2111416)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6449",
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "2106369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106369"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6449.json"
}
],
"title": "Red Hat Security Advisory: nodejs:16 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-10T17:37:59+00:00",
"generator": {
"date": "2024-12-10T17:37:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6449",
"initial_release_date": "2022-09-13T09:59:48+00:00",
"revision_history": [
{
"date": "2022-09-13T09:59:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-13T09:59:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-10T17:37:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:16:8060020220805104227:ad008a3a",
"product": {
"name": "nodejs:16:8060020220805104227:ad008a3a",
"product_id": "nodejs:16:8060020220805104227:ad008a3a",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@16:8060020220805104227:ad008a3a"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"product": {
"name": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"product_id": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"product_id": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-2.module%2Bel8.6.0%2B16240%2B7ca51420?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"product": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"product_id": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-2.module%2Bel8.6.0%2B16240%2B7ca51420?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_id": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_id": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_id": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_id": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_id": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64",
"product_id": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.3.module%2Bel8.6.0%2B16248%2B76b0e185?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
"product_reference": "nodejs:16:8060020220805104227:ad008a3a",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64"
},
"product_reference": "nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64"
},
"product_reference": "nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch"
},
"product_reference": "nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src"
},
"product_reference": "nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64 as a component of nodejs:16:8060020220805104227:ad008a3a as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"acknowledgments": [
{
"names": [
"Axel Chong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32212",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105422"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided (for instance, 10.0.2.555 is provided), browsers (such as Firefox) will make DNS requests to the DNS server. This issue provides a vector for an attacker-controlled DNS server or a Man-in-the-middle attack (MITM) who can spoof DNS responses to perform a rebinding attack and then connect to the WebSocket debugger allowing for arbitrary code execution on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: DNS rebinding in --inspect via invalid IP addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is a bypass of CVE-2021-22884.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32212"
},
{
"category": "external",
"summary": "RHBZ#2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: DNS rebinding in --inspect via invalid IP addresses"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32213",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105430"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS), causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32213"
},
{
"category": "external",
"summary": "RHBZ#2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32214",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105428"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows an attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to improper delimiting of header fields",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32214"
},
{
"category": "external",
"summary": "RHBZ#2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to improper delimiting of header fields"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32215",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105426"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32215"
},
{
"category": "external",
"summary": "RHBZ#2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding"
},
{
"cve": "CVE-2022-33987",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2102001"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `got` package for node.js. Requested URLs are not verified and allow open redirection to a local UNIX socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As got is only a transitive dependency of a development dependency of kiali OpenShift Service Mesh as well as being removed in version 2.2+, this flaw will not be fixed at this time for the openshift-istio-kiali-rhel8-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33987"
},
{
"category": "external",
"summary": "RHBZ#2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/pull/2047",
"url": "https://github.com/sindresorhus/got/pull/2047"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/releases/tag/v11.8.5",
"url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5"
}
],
"release_date": "2022-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-13T09:59:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debuginfo-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-debugsource-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-devel-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-docs-1:16.16.0-3.module+el8.6.0+16248+76b0e185.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-full-i18n-1:16.16.0-3.module+el8.6.0+16248+76b0e185.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-nodemon-0:2.0.19-2.module+el8.6.0+16240+7ca51420.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.ppc64le",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:nodejs:16:8060020220805104227:ad008a3a:npm-1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets"
}
]
}
RHSA-2022_0350
Vulnerability from csaf_redhat - Published: 2022-02-01 21:18 - Updated: 2024-12-17 22:54Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027609)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027609)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0350",
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0350.json"
}
],
"title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-17T22:54:28+00:00",
"generator": {
"date": "2024-12-17T22:54:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:0350",
"initial_release_date": "2022-02-01T21:18:22+00:00",
"revision_history": [
{
"date": "2022-02-01T21:18:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-01T21:18:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:54:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:14:8050020211213115342:c5368500",
"product": {
"name": "nodejs:14:8050020211213115342:c5368500",
"product_id": "nodejs:14:8050020211213115342:c5368500",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"product": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"product_id": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13504%2Ba2e74d91?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13504%2Ba2e74d91?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
"product_reference": "nodejs:14:8050020211213115342:c5368500",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch"
},
"product_reference": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x",
"AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
RHSA-2023:3742
Vulnerability from csaf_redhat - Published: 2023-06-21 15:22 - Updated: 2025-12-04 05:09Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
Security Fix(es):
* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)
* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)
* vault: incorrect policy enforcement (CVE-2021-43998)
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)
* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)
* vault: insufficient certificate revocation list checking (CVE-2022-41316)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)
* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* vault: Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)
* hashicorp/vault: Vault’s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)
* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)
* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)
* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)\n\n* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)\n\n* vault: incorrect policy enforcement (CVE-2021-43998)\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)\n\n* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\n* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)\n\n* vault: insufficient certificate revocation list checking (CVE-2022-41316)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\n* vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)\n\n* hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)\n\n* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)\n\n* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)\n\n* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3742",
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index"
},
{
"category": "external",
"summary": "1786696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786696"
},
{
"category": "external",
"summary": "1855339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855339"
},
{
"category": "external",
"summary": "1943137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943137"
},
{
"category": "external",
"summary": "1944687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944687"
},
{
"category": "external",
"summary": "1989088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989088"
},
{
"category": "external",
"summary": "2005040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005040"
},
{
"category": "external",
"summary": "2005830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005830"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2028193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193"
},
{
"category": "external",
"summary": "2040839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839"
},
{
"category": "external",
"summary": "2040846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846"
},
{
"category": "external",
"summary": "2040856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856"
},
{
"category": "external",
"summary": "2040862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862"
},
{
"category": "external",
"summary": "2042914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042914"
},
{
"category": "external",
"summary": "2052252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052252"
},
{
"category": "external",
"summary": "2101497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101497"
},
{
"category": "external",
"summary": "2101916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101916"
},
{
"category": "external",
"summary": "2102304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102304"
},
{
"category": "external",
"summary": "2104148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104148"
},
{
"category": "external",
"summary": "2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "2115020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115020"
},
{
"category": "external",
"summary": "2115616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115616"
},
{
"category": "external",
"summary": "2119551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551"
},
{
"category": "external",
"summary": "2120098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120098"
},
{
"category": "external",
"summary": "2120944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120944"
},
{
"category": "external",
"summary": "2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "2126299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "2135339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339"
},
{
"category": "external",
"summary": "2139037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139037"
},
{
"category": "external",
"summary": "2141095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141095"
},
{
"category": "external",
"summary": "2142651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142651"
},
{
"category": "external",
"summary": "2142894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142894"
},
{
"category": "external",
"summary": "2142941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142941"
},
{
"category": "external",
"summary": "2143944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143944"
},
{
"category": "external",
"summary": "2144256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144256"
},
{
"category": "external",
"summary": "2151903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151903"
},
{
"category": "external",
"summary": "2152143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152143"
},
{
"category": "external",
"summary": "2154250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154250"
},
{
"category": "external",
"summary": "2155507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155507"
},
{
"category": "external",
"summary": "2155743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155743"
},
{
"category": "external",
"summary": "2156067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156067"
},
{
"category": "external",
"summary": "2156069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156069"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156519"
},
{
"category": "external",
"summary": "2156727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727"
},
{
"category": "external",
"summary": "2156729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729"
},
{
"category": "external",
"summary": "2157876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2157876"
},
{
"category": "external",
"summary": "2158922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158922"
},
{
"category": "external",
"summary": "2159676",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159676"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "2161879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161879"
},
{
"category": "external",
"summary": "2161937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161937"
},
{
"category": "external",
"summary": "2162257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162257"
},
{
"category": "external",
"summary": "2164617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164617"
},
{
"category": "external",
"summary": "2165495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165495"
},
{
"category": "external",
"summary": "2165504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165504"
},
{
"category": "external",
"summary": "2165929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165929"
},
{
"category": "external",
"summary": "2165938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165938"
},
{
"category": "external",
"summary": "2165984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165984"
},
{
"category": "external",
"summary": "2166222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166222"
},
{
"category": "external",
"summary": "2166234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166234"
},
{
"category": "external",
"summary": "2166869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166869"
},
{
"category": "external",
"summary": "2167299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167299"
},
{
"category": "external",
"summary": "2167308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167308"
},
{
"category": "external",
"summary": "2167337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337"
},
{
"category": "external",
"summary": "2167340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340"
},
{
"category": "external",
"summary": "2167946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167946"
},
{
"category": "external",
"summary": "2168113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168113"
},
{
"category": "external",
"summary": "2168635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168635"
},
{
"category": "external",
"summary": "2168840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168840"
},
{
"category": "external",
"summary": "2168849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168849"
},
{
"category": "external",
"summary": "2169375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375"
},
{
"category": "external",
"summary": "2169378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378"
},
{
"category": "external",
"summary": "2169779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169779"
},
{
"category": "external",
"summary": "2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "2170673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170673"
},
{
"category": "external",
"summary": "2172089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172089"
},
{
"category": "external",
"summary": "2172365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172365"
},
{
"category": "external",
"summary": "2172521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172521"
},
{
"category": "external",
"summary": "2173161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173161"
},
{
"category": "external",
"summary": "2173528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173528"
},
{
"category": "external",
"summary": "2173534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173534"
},
{
"category": "external",
"summary": "2173926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173926"
},
{
"category": "external",
"summary": "2175612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175612"
},
{
"category": "external",
"summary": "2175685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175685"
},
{
"category": "external",
"summary": "2175714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175714"
},
{
"category": "external",
"summary": "2175867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175867"
},
{
"category": "external",
"summary": "2176080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176080"
},
{
"category": "external",
"summary": "2176456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176456"
},
{
"category": "external",
"summary": "2176739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176739"
},
{
"category": "external",
"summary": "2176776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176776"
},
{
"category": "external",
"summary": "2176798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176798"
},
{
"category": "external",
"summary": "2176809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176809"
},
{
"category": "external",
"summary": "2177134",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177134"
},
{
"category": "external",
"summary": "2177221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177221"
},
{
"category": "external",
"summary": "2177325",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177325"
},
{
"category": "external",
"summary": "2177695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177695"
},
{
"category": "external",
"summary": "2177844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844"
},
{
"category": "external",
"summary": "2178033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178033"
},
{
"category": "external",
"summary": "2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "2178588",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178588"
},
{
"category": "external",
"summary": "2178619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178619"
},
{
"category": "external",
"summary": "2178682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178682"
},
{
"category": "external",
"summary": "2179133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179133"
},
{
"category": "external",
"summary": "2179337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179337"
},
{
"category": "external",
"summary": "2179403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179403"
},
{
"category": "external",
"summary": "2179846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179846"
},
{
"category": "external",
"summary": "2179860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179860"
},
{
"category": "external",
"summary": "2179976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179976"
},
{
"category": "external",
"summary": "2179981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179981"
},
{
"category": "external",
"summary": "2179997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179997"
},
{
"category": "external",
"summary": "2180211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180211"
},
{
"category": "external",
"summary": "2180397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180397"
},
{
"category": "external",
"summary": "2180440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180440"
},
{
"category": "external",
"summary": "2180921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180921"
},
{
"category": "external",
"summary": "2181112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181112"
},
{
"category": "external",
"summary": "2181133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181133"
},
{
"category": "external",
"summary": "2181446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181446"
},
{
"category": "external",
"summary": "2181535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181535"
},
{
"category": "external",
"summary": "2181551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181551"
},
{
"category": "external",
"summary": "2181832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181832"
},
{
"category": "external",
"summary": "2181949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181949"
},
{
"category": "external",
"summary": "2182041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182041"
},
{
"category": "external",
"summary": "2182296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182296"
},
{
"category": "external",
"summary": "2182375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182375"
},
{
"category": "external",
"summary": "2182644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182644"
},
{
"category": "external",
"summary": "2182664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182664"
},
{
"category": "external",
"summary": "2182703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182703"
},
{
"category": "external",
"summary": "2182972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972"
},
{
"category": "external",
"summary": "2182981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981"
},
{
"category": "external",
"summary": "2183155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183155"
},
{
"category": "external",
"summary": "2183196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183196"
},
{
"category": "external",
"summary": "2183266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183266"
},
{
"category": "external",
"summary": "2183457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183457"
},
{
"category": "external",
"summary": "2183478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183478"
},
{
"category": "external",
"summary": "2183520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183520"
},
{
"category": "external",
"summary": "2184068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184068"
},
{
"category": "external",
"summary": "2184605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184605"
},
{
"category": "external",
"summary": "2184663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663"
},
{
"category": "external",
"summary": "2184769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184769"
},
{
"category": "external",
"summary": "2184773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184773"
},
{
"category": "external",
"summary": "2184892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184892"
},
{
"category": "external",
"summary": "2184984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184984"
},
{
"category": "external",
"summary": "2185164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185164"
},
{
"category": "external",
"summary": "2185188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185188"
},
{
"category": "external",
"summary": "2185757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185757"
},
{
"category": "external",
"summary": "2185871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185871"
},
{
"category": "external",
"summary": "2186171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186171"
},
{
"category": "external",
"summary": "2186225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186225"
},
{
"category": "external",
"summary": "2186475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186475"
},
{
"category": "external",
"summary": "2186752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186752"
},
{
"category": "external",
"summary": "2187251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187251"
},
{
"category": "external",
"summary": "2187296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187296"
},
{
"category": "external",
"summary": "2187736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187736"
},
{
"category": "external",
"summary": "2187952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187952"
},
{
"category": "external",
"summary": "2187969",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187969"
},
{
"category": "external",
"summary": "2187986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187986"
},
{
"category": "external",
"summary": "2188053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188053"
},
{
"category": "external",
"summary": "2188238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188238"
},
{
"category": "external",
"summary": "2188303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188303"
},
{
"category": "external",
"summary": "2188427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188427"
},
{
"category": "external",
"summary": "2188666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188666"
},
{
"category": "external",
"summary": "2189483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189483"
},
{
"category": "external",
"summary": "2189929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189929"
},
{
"category": "external",
"summary": "2189982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189982"
},
{
"category": "external",
"summary": "2189984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189984"
},
{
"category": "external",
"summary": "2190129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190129"
},
{
"category": "external",
"summary": "2190241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190241"
},
{
"category": "external",
"summary": "2192088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192088"
},
{
"category": "external",
"summary": "2192670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192670"
},
{
"category": "external",
"summary": "2192824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192824"
},
{
"category": "external",
"summary": "2192875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192875"
},
{
"category": "external",
"summary": "2193114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193114"
},
{
"category": "external",
"summary": "2193220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193220"
},
{
"category": "external",
"summary": "2196176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196176"
},
{
"category": "external",
"summary": "2196236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196236"
},
{
"category": "external",
"summary": "2196298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196298"
},
{
"category": "external",
"summary": "2203795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203795"
},
{
"category": "external",
"summary": "2208029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208029"
},
{
"category": "external",
"summary": "2208079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208079"
},
{
"category": "external",
"summary": "2208269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208269"
},
{
"category": "external",
"summary": "2208558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208558"
},
{
"category": "external",
"summary": "2208962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208962"
},
{
"category": "external",
"summary": "2209364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209364"
},
{
"category": "external",
"summary": "2209643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209643"
},
{
"category": "external",
"summary": "2209695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209695"
},
{
"category": "external",
"summary": "2210964",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210964"
},
{
"category": "external",
"summary": "2211334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211334"
},
{
"category": "external",
"summary": "2211343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211343"
},
{
"category": "external",
"summary": "2211704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211704"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3742.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update",
"tracking": {
"current_release_date": "2025-12-04T05:09:07+00:00",
"generator": {
"date": "2025-12-04T05:09:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2023:3742",
"initial_release_date": "2023-06-21T15:22:11+00:00",
"revision_history": [
{
"date": "2023-06-21T15:22:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-22T19:51:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-04T05:09:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.13 for RHEL 9",
"product": {
"name": "RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.13::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"product_id": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"product_id": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"product_id": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"product_id": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-16250",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2023-02-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167337"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulated and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16250"
},
{
"category": "external",
"summary": "RHBZ#2167337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101",
"url": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101"
}
],
"release_date": "2020-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass"
},
{
"cve": "CVE-2020-16251",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2023-02-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In affected versions of Vault, with the GCP Auth Method configured and under certain circumstances, the values relied upon by Vault to validate Google Compute Engine (GCE) VMs may be manipulated and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: GCP Auth Method Allows Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16251"
},
{
"category": "external",
"summary": "RHBZ#2167340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102",
"url": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102"
}
],
"release_date": "2020-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: GCP Auth Method Allows Authentication Bypass"
},
{
"cve": "CVE-2021-3765",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126299"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the validator package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "validator: Inefficient Regular Expression Complexity in Validator.js",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3765"
},
{
"category": "external",
"summary": "RHBZ#2126299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9",
"url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9"
}
],
"release_date": "2021-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "validator: Inefficient Regular Expression Complexity in Validator.js"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-4235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156727"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-yaml: Denial of Service in go-yaml",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4235"
},
{
"category": "external",
"summary": "RHBZ#2156727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235"
},
{
"category": "external",
"summary": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241",
"url": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241"
},
{
"category": "external",
"summary": "https://github.com/go-yaml/yaml/pull/375",
"url": "https://github.com/go-yaml/yaml/pull/375"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2021-0061",
"url": "https://pkg.go.dev/vuln/GO-2021-0061"
}
],
"release_date": "2022-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-yaml: Denial of Service in go-yaml"
},
{
"cve": "CVE-2021-4238",
"cwe": {
"id": "CWE-331",
"name": "Insufficient Entropy"
},
"discovery_date": "2022-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4238"
},
{
"category": "external",
"summary": "RHBZ#2156729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4238",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238"
},
{
"category": "external",
"summary": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1",
"url": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3839-6r69-m497",
"url": "https://github.com/advisories/GHSA-3839-6r69-m497"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-0411",
"url": "https://pkg.go.dev/vuln/GO-2022-0411"
}
],
"release_date": "2022-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be"
},
{
"cve": "CVE-2021-43998",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2021-11-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2028193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HashiCorp Vault. In affected versions of HashiCorp Vault and Vault Enterprise, templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: incorrect policy enforcement",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43998"
},
{
"category": "external",
"summary": "RHBZ#2028193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43998",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132",
"url": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132"
}
],
"release_date": "2021-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: incorrect policy enforcement"
},
{
"cve": "CVE-2021-44531",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Improper handling of URI Subject Alternative Names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44531"
},
{
"category": "external",
"summary": "RHBZ#2040839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Improper handling of URI Subject Alternative Names"
},
{
"cve": "CVE-2021-44532",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040846"
}
],
"notes": [
{
"category": "description",
"text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Certificate Verification Bypass via String Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44532"
},
{
"category": "external",
"summary": "RHBZ#2040846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Certificate Verification Bypass via String Injection"
},
{
"cve": "CVE-2021-44533",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040856"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Incorrect handling of certificate subject and issuer fields",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44533"
},
{
"category": "external",
"summary": "RHBZ#2040856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Incorrect handling of certificate subject and issuer fields"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\n\nThis flaw additionally affects the github.com/vbatts/tar-split library and was fixed in v0.12.1.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1",
"url": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-3517",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-06-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134609"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-minimatch: ReDoS via the braceExpand function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3517"
},
{
"category": "external",
"summary": "RHBZ#2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517"
}
],
"release_date": "2022-02-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-minimatch: ReDoS via the braceExpand function"
},
{
"cve": "CVE-2022-21824",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040862"
}
],
"notes": [
{
"category": "description",
"text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Prototype pollution via console.table properties",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21824"
},
{
"category": "external",
"summary": "RHBZ#2040862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Prototype pollution via console.table properties"
},
{
"cve": "CVE-2022-23540",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2023-02-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jsonwebtoken library. In affected versions of the jsonwebtoken library, lack of algorithm definition and a falsy secret or key in the jwt.verify() function may lead to signature validation bypass due to defaulting to the none algorithm for signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23540"
},
{
"category": "external",
"summary": "RHBZ#2169378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6",
"url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6"
}
],
"release_date": "2022-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass"
},
{
"cve": "CVE-2022-23541",
"cwe": {
"id": "CWE-1259",
"name": "Improper Restriction of Security Token Assignment"
},
"discovery_date": "2023-02-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jsonwebtoken library. Affected versions of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function will result in incorrect verification of tokens. Using a different algorithm and key combination in verification than what was used to sign the tokens, specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to the successful validation of forged tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23541"
},
{
"category": "external",
"summary": "RHBZ#2169375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959",
"url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959"
}
],
"release_date": "2022-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-30635",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: encoding/gob: stack exhaustion in Decoder.Decode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.The vulnerability has been rated as moderate instead of high because the vulnerability can only result in a minor denial of service.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-1325: Improperly Controlled Sequential Memory Allocation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure only authorized users and roles can execute or modify code. Static code analysis and peer reviews enforce strong input validation and error handling, preventing improperly validated inputs from causing system instability, data exposure, or privilege escalation. In the event of successful exploitation, process isolation limits the impact of excessive sequential memory allocation by restricting memory use per process, preventing any single process from exhausting system resources. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to reduce the risk of memory allocation-based attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30635"
},
{
"category": "external",
"summary": "RHBZ#2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635"
},
{
"category": "external",
"summary": "https://go.dev/issue/53615",
"url": "https://go.dev/issue/53615"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: encoding/gob: stack exhaustion in Decoder.Decode"
},
{
"cve": "CVE-2022-32189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2113814"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "RHBZ#2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
},
{
"category": "external",
"summary": "https://go.dev/issue/53871",
"url": "https://go.dev/issue/53871"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
"url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
}
],
"release_date": "2022-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
},
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
},
{
"cve": "CVE-2022-38149",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2022-08-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119551"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the HashiCorp Consul Template. This issue may reveal the contents of a Vault secret when used with an invalid template.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38149"
},
{
"category": "external",
"summary": "RHBZ#2119551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215",
"url": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215"
}
],
"release_date": "2022-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input"
},
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170644"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "decode-uri-component: improper input validation resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38900"
},
{
"category": "external",
"summary": "RHBZ#2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900"
},
{
"category": "external",
"summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5",
"url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq",
"url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "decode-uri-component: improper input validation resulting in DoS"
},
{
"cve": "CVE-2022-41316",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HashiCorp Vault and Vault Enterprise. Vault\u2019s TLS certificate auth method did not initially load the optionally-configured CRL issued by the role\u2019s Certificate Authority (CA) into memory on startup, resulting in the revocation list not being checked if the CRL has not yet been retrieved.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: insufficient certificate revocation list checking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41316"
},
{
"category": "external",
"summary": "RHBZ#2135339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41316",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41316"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483",
"url": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: insufficient certificate revocation list checking"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
},
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2023-0620",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2023-04-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184663"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HashiCorp Vault and Vault Enterprise, which are vulnerable to SQL injection. This flaw allows a local authenticated attacker to send specially-crafted SQL statements to the Microsoft SQL (MSSQL) Database Storage Backend, which could allow the attacker to view, add, modify, or delete information in the backend database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0620"
},
{
"category": "external",
"summary": "RHBZ#2184663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080"
}
],
"release_date": "2023-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File"
},
{
"cve": "CVE-2023-0665",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2023-03-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182981"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Hashicorp vault. Vault\u2019s PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in a denial of service of the PKI mount. This bug did not affect public or private key material, trust chains, or certificate issuance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0665"
},
{
"category": "external",
"summary": "RHBZ#2182981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0665"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1"
}
],
"release_date": "2023-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata"
},
{
"cve": "CVE-2023-24999",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177844"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Hashicorp vault. When using the Vault and Vault Enterprise approle auth method, any authenticated user with access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint can destroy the secret ID of another role by providing the secret ID accessor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24999"
},
{
"category": "external",
"summary": "RHBZ#2177844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24999"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation"
},
{
"cve": "CVE-2023-25000",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2023-03-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Hashicorp vault. This flaw allows an attacker with access to and the ability to observe a large number of unseal operations on the host through a side channel to reduce the search space of a brute-force effort to recover the Shamir shares.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25000"
},
{
"category": "external",
"summary": "RHBZ#2182972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25000"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078"
}
],
"release_date": "2023-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations"
}
]
}
RHSA-2021:5171
Vulnerability from csaf_redhat - Published: 2021-12-16 17:21 - Updated: 2025-11-21 18:27Summary
Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.13.1), nodejs-nodemon (2.0.15). (BZ#2027610)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.13.1), nodejs-nodemon (2.0.15). (BZ#2027610)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:5171",
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5171.json"
}
],
"title": "Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:27:29+00:00",
"generator": {
"date": "2025-11-21T18:27:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2021:5171",
"initial_release_date": "2021-12-16T17:21:31+00:00",
"revision_history": [
{
"date": "2021-12-16T17:21:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-16T17:21:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:27:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16)",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16)",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x (nodejs:16)",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src (nodejs:16)",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=src\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src (nodejs:16)",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13548%2B45d748af?arch=src\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src (nodejs:16)",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"product": {
"name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch (nodejs:16)",
"product_id": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch (nodejs:16)",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13548%2B45d748af?arch=noarch\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch (nodejs:16)",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16)",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16)",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16)",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16)",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16)",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16)",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16)",
"product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16)",
"product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16)",
"product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16)",
"product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16)",
"product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16)",
"product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:16:8050020211206113934:c5368500"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
},
"product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
},
"product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
},
"product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
},
"product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16"
},
"product_reference": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
},
"product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64 (nodejs:16) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
},
"product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16"
],
"known_not_affected": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T17:21:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5171"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch::nodejs:16",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x::nodejs:16",
"AppStream-8.5.0.Z.MAIN:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64::nodejs:16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
}
]
}
RHSA-2022:0041
Vulnerability from csaf_redhat - Published: 2022-01-06 18:43 - Updated: 2025-11-21 18:27Summary
Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
Notes
Topic
An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.18.2). (BZ#2031766)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.18.2). (BZ#2031766)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0041",
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "2031766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031766"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0041.json"
}
],
"title": "Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update",
"tracking": {
"current_release_date": "2025-11-21T18:27:40+00:00",
"generator": {
"date": "2025-11-21T18:27:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0041",
"initial_release_date": "2022-01-06T18:43:03+00:00",
"revision_history": [
{
"date": "2022-01-06T18:43:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-06T18:43:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:27:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"product": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"product": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"product_id": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.18.2-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"product": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"product_id": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.15-14.18.2.1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"product": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"product_id": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.18.2-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"product": {
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"product_id": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-docs@14.18.2-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"product": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"product": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"product_id": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.18.2-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"product": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"product_id": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.15-14.18.2.1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"product": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"product_id": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.18.2-1.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"product_id": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.18.2-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"product_id": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.15-14.18.2.1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"product_id": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.18.2-1.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
RHSA-2022_0041
Vulnerability from csaf_redhat - Published: 2022-01-06 18:43 - Updated: 2024-12-17 22:54Summary
Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
Notes
Topic
An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.18.2). (BZ#2031766)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.18.2). (BZ#2031766)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0041",
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "2031766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031766"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0041.json"
}
],
"title": "Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update",
"tracking": {
"current_release_date": "2024-12-17T22:54:11+00:00",
"generator": {
"date": "2024-12-17T22:54:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:0041",
"initial_release_date": "2022-01-06T18:43:03+00:00",
"revision_history": [
{
"date": "2022-01-06T18:43:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-06T18:43:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:54:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"product": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"product": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"product_id": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.18.2-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"product": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"product_id": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.15-14.18.2.1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"product": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"product_id": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.18.2-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"product": {
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"product_id": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-docs@14.18.2-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"product": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"product": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"product_id": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.18.2-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"product": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"product_id": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.15-14.18.2.1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"product": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"product_id": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.18.2-1.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"product_id": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.18.2-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"product_id": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.18.2-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"product_id": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.15-14.18.2.1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"product": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"product_id": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.18.2-1.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64"
},
"product_reference": "rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src"
},
"product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
},
"product_reference": "rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-06T18:43:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.18.2-1.el7.x86_64",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.18.2-1.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.noarch",
"7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7.src",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.ppc64le",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.s390x",
"7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.15-14.18.2.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
RHSA-2022:0350
Vulnerability from csaf_redhat - Published: 2022-02-01 21:18 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027609)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027609)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0350",
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0350.json"
}
],
"title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:28:21+00:00",
"generator": {
"date": "2025-11-21T18:28:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0350",
"initial_release_date": "2022-02-01T21:18:22+00:00",
"revision_history": [
{
"date": "2022-02-01T21:18:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-01T21:18:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=src\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src (nodejs:14)",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13504%2Ba2e74d91?arch=src\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src (nodejs:14)",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"product": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch (nodejs:14)",
"product_id": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch (nodejs:14)",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13504%2Ba2e74d91?arch=noarch\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch (nodejs:14)",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8050020211213115342:c5368500"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14"
},
"product_reference": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-01T21:18:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.5.0.Z.MAIN:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x::nodejs:14",
"AppStream-8.5.0.Z.MAIN:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
RHSA-2022:5555
Vulnerability from csaf_redhat - Published: 2022-07-14 12:56 - Updated: 2025-11-21 18:32Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.1] security, bug fix and update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)
* apache-commons-compress: infinite loop when reading a specially crafted 7Z archive (CVE-2021-35515)
* apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive (CVE-2021-35516)
* apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive (CVE-2021-35517)
* apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive (CVE-2021-36090)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)
* semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding (CVE-2022-31051)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)\n\n* apache-commons-compress: infinite loop when reading a specially crafted 7Z archive (CVE-2021-35515)\n\n* apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive (CVE-2021-35516)\n\n* apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive (CVE-2021-35517)\n\n* apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive (CVE-2021-36090)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)\n\n* semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding (CVE-2022-31051)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5555",
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1663217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663217"
},
{
"category": "external",
"summary": "1782077",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782077"
},
{
"category": "external",
"summary": "1849045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849045"
},
{
"category": "external",
"summary": "1852308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852308"
},
{
"category": "external",
"summary": "1958032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958032"
},
{
"category": "external",
"summary": "1966615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615"
},
{
"category": "external",
"summary": "1976607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976607"
},
{
"category": "external",
"summary": "1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "1994144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994144"
},
{
"category": "external",
"summary": "2001574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001574"
},
{
"category": "external",
"summary": "2001923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001923"
},
{
"category": "external",
"summary": "2006625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006625"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2030293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030293"
},
{
"category": "external",
"summary": "2068270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2068270"
},
{
"category": "external",
"summary": "2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "2070045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070045"
},
{
"category": "external",
"summary": "2072626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072626"
},
{
"category": "external",
"summary": "2081241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081241"
},
{
"category": "external",
"summary": "2081559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081559"
},
{
"category": "external",
"summary": "2089856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089856"
},
{
"category": "external",
"summary": "2092885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092885"
},
{
"category": "external",
"summary": "2093795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093795"
},
{
"category": "external",
"summary": "2097414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097414"
},
{
"category": "external",
"summary": "2099650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099650"
},
{
"category": "external",
"summary": "2105296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5555.json"
}
],
"title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.1] security, bug fix and update",
"tracking": {
"current_release_date": "2025-11-21T18:32:22+00:00",
"generator": {
"date": "2025-11-21T18:32:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:5555",
"initial_release_date": "2022-07-14T12:56:49+00:00",
"revision_history": [
{
"date": "2022-07-14T12:56:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-07-14T12:56:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:32:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product": {
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.4:el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"product_id": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"product": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"product_id": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"product": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"product_id": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"product": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"product_id": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql-jdbc@42.2.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"product": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"product_id": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.6-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"product": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"product_id": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-compress@1.21-1.2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"product": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"product_id": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.5.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.4-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"product": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"product_id": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.1.2-0.11.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"product": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"product_id": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.9.0-1.el8ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"product_id": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"product": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"product_id": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql-jdbc@42.2.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"product": {
"name": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"product_id": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql-jdbc-javadoc@42.2.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"product": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"product_id": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.6-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"product": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"product_id": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-compress@1.21-1.2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"product": {
"name": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"product_id": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-compress-javadoc@1.21-1.2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"product": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"product_id": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.5.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.4-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-backend@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"product": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"product_id": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.9.0-1.el8ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch"
},
"product_reference": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src"
},
"product_reference": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
},
"product_reference": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
},
"product_reference": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src"
},
"product_reference": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src"
},
"product_reference": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch"
},
"product_reference": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src"
},
"product_reference": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch"
},
"product_reference": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
},
"product_reference": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch"
},
"product_reference": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src"
},
"product_reference": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch"
},
"product_reference": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch"
},
"product_reference": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
},
"product_reference": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-22096",
"discovery_date": "2021-12-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034584"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: malicious input leads to insertion of additional log entries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22096"
},
{
"category": "external",
"summary": "RHBZ#2034584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096"
}
],
"release_date": "2021-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "springframework: malicious input leads to insertion of additional log entries"
},
{
"cve": "CVE-2021-33623",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-trim-newlines. Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-trim-newlines: ReDoS in .end() method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) grafana-container does package a vulnerable verison of nodejs trim-newlines. However due to the instance being read only and behind OpenShift OAuth, the impact by this vulnerability is Low. Red Hat Advanced Cluster Management for Kubernetes (ACM) containers affected by this flaw are only accessible to authenticated users, thus the impact of this vulnerability is Low. \nRed Hat Virtualization (RHV) does package a vulnerable version of nodejs-trim-newlines. However, no untrusted content is being parsed therefore the impact of this vulnerability is Low.\n\nThe hosted services are shipped with the vulnerable packages, however the vulnerable methods were not identified in use at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33623"
},
{
"category": "external",
"summary": "RHBZ#1966615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623"
}
],
"release_date": "2021-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-trim-newlines: ReDoS in .end() method"
},
{
"cve": "CVE-2021-35515",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981895"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35515"
},
{
"category": "external",
"summary": "RHBZ#1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/1",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/1"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35516",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981900"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for very small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35516"
},
{
"category": "external",
"summary": "RHBZ#1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/2",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/2"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35517",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted TAR archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 TAR package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35517"
},
{
"category": "external",
"summary": "RHBZ#1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/3",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/3"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive"
},
{
"cve": "CVE-2021-36090",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981909"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 zip package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36090"
},
{
"category": "external",
"summary": "RHBZ#1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/4",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/4"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive"
},
{
"cve": "CVE-2022-22950",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2069414"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-expression: Denial of service via specially crafted SpEL expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22950"
},
{
"category": "external",
"summary": "RHBZ#2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
}
],
"release_date": "2022-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-expression: Denial of service via specially crafted SpEL expression"
},
{
"cve": "CVE-2022-31051",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2097414"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in semantic-release. Secrets that are normally masked are accidentally disclosed if they contain characters excluded from uri encoding by `encodeURI()`. The vulnerability is further limited to execution contexts where push access to the related repository is unavailable without modifying the repository URL to inject credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31051"
},
{
"category": "external",
"summary": "RHBZ#2097414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31051",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31051"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31051",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31051"
},
{
"category": "external",
"summary": "https://github.com/semantic-release/semantic-release/security/advisories/GHSA-x2pg-mjhr-2m5x",
"url": "https://github.com/semantic-release/semantic-release/security/advisories/GHSA-x2pg-mjhr-2m5x"
}
],
"release_date": "2022-06-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
},
{
"category": "workaround",
"details": "Users should ensure that secrets that do not contain characters that are excluded from encoding with `encodeURI` when included in a URL that is already masked properly.",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding"
}
]
}
RHSA-2022_6595
Vulnerability from csaf_redhat - Published: 2022-09-20 12:27 - Updated: 2024-12-10 17:38Summary
Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update
Notes
Topic
An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.16.0), nodejs-nodemon (2.0.19). (BZ#2124230, BZ#2124233)
Security Fix(es):
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace (CVE-2022-29244)
* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)
* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)
* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)
* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)
* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2121019)
* nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2124299)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.16.0), nodejs-nodemon (2.0.19). (BZ#2124230, BZ#2124233)\n\nSecurity Fix(es):\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace (CVE-2022-29244)\n\n* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)\n\n* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)\n\n* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)\n\n* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)\n\n* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2121019)\n\n* nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2124299)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6595",
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2098556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098556"
},
{
"category": "external",
"summary": "2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "2121019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121019"
},
{
"category": "external",
"summary": "2124299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124299"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6595.json"
}
],
"title": "Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update",
"tracking": {
"current_release_date": "2024-12-10T17:38:15+00:00",
"generator": {
"date": "2024-12-10T17:38:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6595",
"initial_release_date": "2022-09-20T12:27:54+00:00",
"revision_history": [
{
"date": "2022-09-20T12:27:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-20T12:27:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-10T17:38:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.src",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.src",
"product_id": "nodejs-1:16.16.0-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"product": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"product_id": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-1.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"product": {
"name": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"product_id": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.16.0-1.el9_0?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"product_id": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-1.el9_0?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.16.0-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch"
},
"product_reference": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
},
"product_reference": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2022-29244",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2098556"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in npm. This security issue occurs because the npm pack ignores root-level \".gitignore\" and \".npmignore\" file exclusion directives when run in a workspace or with a workspace flag (for example, --workspaces, --workspace=\u003cname\u003e). Anyone who has run \u0027npm pack\u0027 or \u0027npm publish\u0027 inside a workspace has published files into the npm registry they did not intend to include. This flaw exposes sensitive information to an unauthorized user or an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29244"
},
{
"category": "external",
"summary": "RHBZ#2098556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098556"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29244"
},
{
"category": "external",
"summary": "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52",
"url": "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52"
}
],
"release_date": "2022-06-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace"
},
{
"acknowledgments": [
{
"names": [
"Axel Chong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32212",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105422"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided (for instance, 10.0.2.555 is provided), browsers (such as Firefox) will make DNS requests to the DNS server. This issue provides a vector for an attacker-controlled DNS server or a Man-in-the-middle attack (MITM) who can spoof DNS responses to perform a rebinding attack and then connect to the WebSocket debugger allowing for arbitrary code execution on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: DNS rebinding in --inspect via invalid IP addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is a bypass of CVE-2021-22884.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32212"
},
{
"category": "external",
"summary": "RHBZ#2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: DNS rebinding in --inspect via invalid IP addresses"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32213",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105430"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS), causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32213"
},
{
"category": "external",
"summary": "RHBZ#2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32214",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105428"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows an attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to improper delimiting of header fields",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32214"
},
{
"category": "external",
"summary": "RHBZ#2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to improper delimiting of header fields"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32215",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105426"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32215"
},
{
"category": "external",
"summary": "RHBZ#2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding"
},
{
"cve": "CVE-2022-33987",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-06-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2102001"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `got` package for node.js. Requested URLs are not verified and allow open redirection to a local UNIX socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As got is only a transitive dependency of a development dependency of kiali OpenShift Service Mesh as well as being removed in version 2.2+, this flaw will not be fixed at this time for the openshift-istio-kiali-rhel8-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33987"
},
{
"category": "external",
"summary": "RHBZ#2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/pull/2047",
"url": "https://github.com/sindresorhus/got/pull/2047"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/releases/tag/v11.8.5",
"url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5"
}
],
"release_date": "2022-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets"
}
]
}
RHSA-2023_3742
Vulnerability from csaf_redhat - Published: 2023-06-21 15:22 - Updated: 2024-12-17 22:56Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
Security Fix(es):
* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)
* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)
* vault: incorrect policy enforcement (CVE-2021-43998)
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)
* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)
* vault: insufficient certificate revocation list checking (CVE-2022-41316)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)
* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* vault: Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)
* hashicorp/vault: Vault’s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)
* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)
* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)
* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)\n\n* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)\n\n* vault: incorrect policy enforcement (CVE-2021-43998)\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)\n\n* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\n* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)\n\n* vault: insufficient certificate revocation list checking (CVE-2022-41316)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\n* vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)\n\n* hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)\n\n* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)\n\n* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)\n\n* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3742",
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index"
},
{
"category": "external",
"summary": "1786696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786696"
},
{
"category": "external",
"summary": "1855339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855339"
},
{
"category": "external",
"summary": "1943137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943137"
},
{
"category": "external",
"summary": "1944687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944687"
},
{
"category": "external",
"summary": "1989088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989088"
},
{
"category": "external",
"summary": "2005040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005040"
},
{
"category": "external",
"summary": "2005830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005830"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2028193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193"
},
{
"category": "external",
"summary": "2040839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839"
},
{
"category": "external",
"summary": "2040846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846"
},
{
"category": "external",
"summary": "2040856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856"
},
{
"category": "external",
"summary": "2040862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862"
},
{
"category": "external",
"summary": "2042914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042914"
},
{
"category": "external",
"summary": "2052252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052252"
},
{
"category": "external",
"summary": "2101497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101497"
},
{
"category": "external",
"summary": "2101916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101916"
},
{
"category": "external",
"summary": "2102304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102304"
},
{
"category": "external",
"summary": "2104148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104148"
},
{
"category": "external",
"summary": "2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "2115020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115020"
},
{
"category": "external",
"summary": "2115616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115616"
},
{
"category": "external",
"summary": "2119551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551"
},
{
"category": "external",
"summary": "2120098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120098"
},
{
"category": "external",
"summary": "2120944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120944"
},
{
"category": "external",
"summary": "2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "2126299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "2135339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339"
},
{
"category": "external",
"summary": "2139037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139037"
},
{
"category": "external",
"summary": "2141095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141095"
},
{
"category": "external",
"summary": "2142651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142651"
},
{
"category": "external",
"summary": "2142894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142894"
},
{
"category": "external",
"summary": "2142941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142941"
},
{
"category": "external",
"summary": "2143944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143944"
},
{
"category": "external",
"summary": "2144256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144256"
},
{
"category": "external",
"summary": "2151903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151903"
},
{
"category": "external",
"summary": "2152143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152143"
},
{
"category": "external",
"summary": "2154250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154250"
},
{
"category": "external",
"summary": "2155507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155507"
},
{
"category": "external",
"summary": "2155743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155743"
},
{
"category": "external",
"summary": "2156067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156067"
},
{
"category": "external",
"summary": "2156069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156069"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156519"
},
{
"category": "external",
"summary": "2156727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727"
},
{
"category": "external",
"summary": "2156729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729"
},
{
"category": "external",
"summary": "2157876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2157876"
},
{
"category": "external",
"summary": "2158922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158922"
},
{
"category": "external",
"summary": "2159676",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159676"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "2161879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161879"
},
{
"category": "external",
"summary": "2161937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161937"
},
{
"category": "external",
"summary": "2162257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162257"
},
{
"category": "external",
"summary": "2164617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164617"
},
{
"category": "external",
"summary": "2165495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165495"
},
{
"category": "external",
"summary": "2165504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165504"
},
{
"category": "external",
"summary": "2165929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165929"
},
{
"category": "external",
"summary": "2165938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165938"
},
{
"category": "external",
"summary": "2165984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165984"
},
{
"category": "external",
"summary": "2166222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166222"
},
{
"category": "external",
"summary": "2166234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166234"
},
{
"category": "external",
"summary": "2166869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166869"
},
{
"category": "external",
"summary": "2167299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167299"
},
{
"category": "external",
"summary": "2167308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167308"
},
{
"category": "external",
"summary": "2167337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337"
},
{
"category": "external",
"summary": "2167340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340"
},
{
"category": "external",
"summary": "2167946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167946"
},
{
"category": "external",
"summary": "2168113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168113"
},
{
"category": "external",
"summary": "2168635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168635"
},
{
"category": "external",
"summary": "2168840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168840"
},
{
"category": "external",
"summary": "2168849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168849"
},
{
"category": "external",
"summary": "2169375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375"
},
{
"category": "external",
"summary": "2169378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378"
},
{
"category": "external",
"summary": "2169779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169779"
},
{
"category": "external",
"summary": "2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "2170673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170673"
},
{
"category": "external",
"summary": "2172089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172089"
},
{
"category": "external",
"summary": "2172365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172365"
},
{
"category": "external",
"summary": "2172521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172521"
},
{
"category": "external",
"summary": "2173161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173161"
},
{
"category": "external",
"summary": "2173528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173528"
},
{
"category": "external",
"summary": "2173534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173534"
},
{
"category": "external",
"summary": "2173926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173926"
},
{
"category": "external",
"summary": "2175612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175612"
},
{
"category": "external",
"summary": "2175685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175685"
},
{
"category": "external",
"summary": "2175714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175714"
},
{
"category": "external",
"summary": "2175867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175867"
},
{
"category": "external",
"summary": "2176080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176080"
},
{
"category": "external",
"summary": "2176456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176456"
},
{
"category": "external",
"summary": "2176739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176739"
},
{
"category": "external",
"summary": "2176776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176776"
},
{
"category": "external",
"summary": "2176798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176798"
},
{
"category": "external",
"summary": "2176809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176809"
},
{
"category": "external",
"summary": "2177134",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177134"
},
{
"category": "external",
"summary": "2177221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177221"
},
{
"category": "external",
"summary": "2177325",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177325"
},
{
"category": "external",
"summary": "2177695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177695"
},
{
"category": "external",
"summary": "2177844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844"
},
{
"category": "external",
"summary": "2178033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178033"
},
{
"category": "external",
"summary": "2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "2178588",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178588"
},
{
"category": "external",
"summary": "2178619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178619"
},
{
"category": "external",
"summary": "2178682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178682"
},
{
"category": "external",
"summary": "2179133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179133"
},
{
"category": "external",
"summary": "2179337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179337"
},
{
"category": "external",
"summary": "2179403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179403"
},
{
"category": "external",
"summary": "2179846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179846"
},
{
"category": "external",
"summary": "2179860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179860"
},
{
"category": "external",
"summary": "2179976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179976"
},
{
"category": "external",
"summary": "2179981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179981"
},
{
"category": "external",
"summary": "2179997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179997"
},
{
"category": "external",
"summary": "2180211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180211"
},
{
"category": "external",
"summary": "2180397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180397"
},
{
"category": "external",
"summary": "2180440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180440"
},
{
"category": "external",
"summary": "2180921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180921"
},
{
"category": "external",
"summary": "2181112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181112"
},
{
"category": "external",
"summary": "2181133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181133"
},
{
"category": "external",
"summary": "2181446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181446"
},
{
"category": "external",
"summary": "2181535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181535"
},
{
"category": "external",
"summary": "2181551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181551"
},
{
"category": "external",
"summary": "2181832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181832"
},
{
"category": "external",
"summary": "2181949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181949"
},
{
"category": "external",
"summary": "2182041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182041"
},
{
"category": "external",
"summary": "2182296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182296"
},
{
"category": "external",
"summary": "2182375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182375"
},
{
"category": "external",
"summary": "2182644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182644"
},
{
"category": "external",
"summary": "2182664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182664"
},
{
"category": "external",
"summary": "2182703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182703"
},
{
"category": "external",
"summary": "2182972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972"
},
{
"category": "external",
"summary": "2182981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981"
},
{
"category": "external",
"summary": "2183155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183155"
},
{
"category": "external",
"summary": "2183196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183196"
},
{
"category": "external",
"summary": "2183266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183266"
},
{
"category": "external",
"summary": "2183457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183457"
},
{
"category": "external",
"summary": "2183478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183478"
},
{
"category": "external",
"summary": "2183520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183520"
},
{
"category": "external",
"summary": "2184068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184068"
},
{
"category": "external",
"summary": "2184605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184605"
},
{
"category": "external",
"summary": "2184663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663"
},
{
"category": "external",
"summary": "2184769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184769"
},
{
"category": "external",
"summary": "2184773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184773"
},
{
"category": "external",
"summary": "2184892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184892"
},
{
"category": "external",
"summary": "2184984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184984"
},
{
"category": "external",
"summary": "2185164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185164"
},
{
"category": "external",
"summary": "2185188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185188"
},
{
"category": "external",
"summary": "2185757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185757"
},
{
"category": "external",
"summary": "2185871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185871"
},
{
"category": "external",
"summary": "2186171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186171"
},
{
"category": "external",
"summary": "2186225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186225"
},
{
"category": "external",
"summary": "2186475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186475"
},
{
"category": "external",
"summary": "2186752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186752"
},
{
"category": "external",
"summary": "2187251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187251"
},
{
"category": "external",
"summary": "2187296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187296"
},
{
"category": "external",
"summary": "2187736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187736"
},
{
"category": "external",
"summary": "2187952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187952"
},
{
"category": "external",
"summary": "2187969",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187969"
},
{
"category": "external",
"summary": "2187986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187986"
},
{
"category": "external",
"summary": "2188053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188053"
},
{
"category": "external",
"summary": "2188238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188238"
},
{
"category": "external",
"summary": "2188303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188303"
},
{
"category": "external",
"summary": "2188427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188427"
},
{
"category": "external",
"summary": "2188666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188666"
},
{
"category": "external",
"summary": "2189483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189483"
},
{
"category": "external",
"summary": "2189929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189929"
},
{
"category": "external",
"summary": "2189982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189982"
},
{
"category": "external",
"summary": "2189984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189984"
},
{
"category": "external",
"summary": "2190129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190129"
},
{
"category": "external",
"summary": "2190241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190241"
},
{
"category": "external",
"summary": "2192088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192088"
},
{
"category": "external",
"summary": "2192670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192670"
},
{
"category": "external",
"summary": "2192824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192824"
},
{
"category": "external",
"summary": "2192875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192875"
},
{
"category": "external",
"summary": "2193114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193114"
},
{
"category": "external",
"summary": "2193220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193220"
},
{
"category": "external",
"summary": "2196176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196176"
},
{
"category": "external",
"summary": "2196236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196236"
},
{
"category": "external",
"summary": "2196298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196298"
},
{
"category": "external",
"summary": "2203795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203795"
},
{
"category": "external",
"summary": "2208029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208029"
},
{
"category": "external",
"summary": "2208079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208079"
},
{
"category": "external",
"summary": "2208269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208269"
},
{
"category": "external",
"summary": "2208558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208558"
},
{
"category": "external",
"summary": "2208962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208962"
},
{
"category": "external",
"summary": "2209364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209364"
},
{
"category": "external",
"summary": "2209643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209643"
},
{
"category": "external",
"summary": "2209695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209695"
},
{
"category": "external",
"summary": "2210964",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210964"
},
{
"category": "external",
"summary": "2211334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211334"
},
{
"category": "external",
"summary": "2211343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211343"
},
{
"category": "external",
"summary": "2211704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211704"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3742.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-17T22:56:10+00:00",
"generator": {
"date": "2024-12-17T22:56:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:3742",
"initial_release_date": "2023-06-21T15:22:11+00:00",
"revision_history": [
{
"date": "2023-06-21T15:22:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-22T19:51:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:56:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.13 for RHEL 9",
"product": {
"name": "RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.13::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"product_id": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"product_id": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"product_id": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"product_id": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64 as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"relates_to_product_reference": "9Base-RHODF-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le as a component of RHODF 4.13 for RHEL 9",
"product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-16250",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2023-02-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167337"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulated and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16250"
},
{
"category": "external",
"summary": "RHBZ#2167337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101",
"url": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101"
}
],
"release_date": "2020-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass"
},
{
"cve": "CVE-2020-16251",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2023-02-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In affected versions of Vault, with the GCP Auth Method configured and under certain circumstances, the values relied upon by Vault to validate Google Compute Engine (GCE) VMs may be manipulated and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: GCP Auth Method Allows Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16251"
},
{
"category": "external",
"summary": "RHBZ#2167340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102",
"url": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102"
}
],
"release_date": "2020-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: GCP Auth Method Allows Authentication Bypass"
},
{
"cve": "CVE-2021-3765",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126299"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the validator package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "validator: Inefficient Regular Expression Complexity in Validator.js",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3765"
},
{
"category": "external",
"summary": "RHBZ#2126299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9",
"url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9"
}
],
"release_date": "2021-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "validator: Inefficient Regular Expression Complexity in Validator.js"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-4235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156727"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-yaml: Denial of Service in go-yaml",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4235"
},
{
"category": "external",
"summary": "RHBZ#2156727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235"
},
{
"category": "external",
"summary": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241",
"url": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241"
},
{
"category": "external",
"summary": "https://github.com/go-yaml/yaml/pull/375",
"url": "https://github.com/go-yaml/yaml/pull/375"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2021-0061",
"url": "https://pkg.go.dev/vuln/GO-2021-0061"
}
],
"release_date": "2022-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-yaml: Denial of Service in go-yaml"
},
{
"cve": "CVE-2021-4238",
"cwe": {
"id": "CWE-331",
"name": "Insufficient Entropy"
},
"discovery_date": "2022-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4238"
},
{
"category": "external",
"summary": "RHBZ#2156729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4238",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238"
},
{
"category": "external",
"summary": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1",
"url": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3839-6r69-m497",
"url": "https://github.com/advisories/GHSA-3839-6r69-m497"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-0411",
"url": "https://pkg.go.dev/vuln/GO-2022-0411"
}
],
"release_date": "2022-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be"
},
{
"cve": "CVE-2021-43998",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2021-11-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2028193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HashiCorp Vault. In affected versions of HashiCorp Vault and Vault Enterprise, templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: incorrect policy enforcement",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43998"
},
{
"category": "external",
"summary": "RHBZ#2028193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43998",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132",
"url": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132"
}
],
"release_date": "2021-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: incorrect policy enforcement"
},
{
"cve": "CVE-2021-44531",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Improper handling of URI Subject Alternative Names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44531"
},
{
"category": "external",
"summary": "RHBZ#2040839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Improper handling of URI Subject Alternative Names"
},
{
"cve": "CVE-2021-44532",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040846"
}
],
"notes": [
{
"category": "description",
"text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Certificate Verification Bypass via String Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44532"
},
{
"category": "external",
"summary": "RHBZ#2040846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Certificate Verification Bypass via String Injection"
},
{
"cve": "CVE-2021-44533",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040856"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Incorrect handling of certificate subject and issuer fields",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44533"
},
{
"category": "external",
"summary": "RHBZ#2040856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Incorrect handling of certificate subject and issuer fields"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-3517",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-06-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134609"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-minimatch: ReDoS via the braceExpand function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3517"
},
{
"category": "external",
"summary": "RHBZ#2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517"
}
],
"release_date": "2022-02-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-minimatch: ReDoS via the braceExpand function"
},
{
"cve": "CVE-2022-21824",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-01-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040862"
}
],
"notes": [
{
"category": "description",
"text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Prototype pollution via console.table properties",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21824"
},
{
"category": "external",
"summary": "RHBZ#2040862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Prototype pollution via console.table properties"
},
{
"cve": "CVE-2022-23540",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2023-02-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jsonwebtoken library. In affected versions of the jsonwebtoken library, lack of algorithm definition and a falsy secret or key in the jwt.verify() function may lead to signature validation bypass due to defaulting to the none algorithm for signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23540"
},
{
"category": "external",
"summary": "RHBZ#2169378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6",
"url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6"
}
],
"release_date": "2022-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass"
},
{
"cve": "CVE-2022-23541",
"cwe": {
"id": "CWE-1259",
"name": "Improper Restriction of Security Token Assignment"
},
"discovery_date": "2023-02-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jsonwebtoken library. Affected versions of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function will result in incorrect verification of tokens. Using a different algorithm and key combination in verification than what was used to sign the tokens, specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to the successful validation of forged tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23541"
},
{
"category": "external",
"summary": "RHBZ#2169375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959",
"url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959"
}
],
"release_date": "2022-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-30635",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: encoding/gob: stack exhaustion in Decoder.Decode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30635"
},
{
"category": "external",
"summary": "RHBZ#2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635"
},
{
"category": "external",
"summary": "https://go.dev/issue/53615",
"url": "https://go.dev/issue/53615"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: encoding/gob: stack exhaustion in Decoder.Decode"
},
{
"cve": "CVE-2022-32189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2113814"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "RHBZ#2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
},
{
"category": "external",
"summary": "https://go.dev/issue/53871",
"url": "https://go.dev/issue/53871"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
"url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
}
],
"release_date": "2022-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
},
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
},
{
"cve": "CVE-2022-38149",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2022-08-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119551"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the HashiCorp Consul Template. This issue may reveal the contents of a Vault secret when used with an invalid template.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38149"
},
{
"category": "external",
"summary": "RHBZ#2119551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215",
"url": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215"
}
],
"release_date": "2022-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input"
},
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170644"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "decode-uri-component: improper input validation resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38900"
},
{
"category": "external",
"summary": "RHBZ#2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900"
},
{
"category": "external",
"summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5",
"url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq",
"url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "decode-uri-component: improper input validation resulting in DoS"
},
{
"cve": "CVE-2022-41316",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HashiCorp Vault and Vault Enterprise. Vault\u2019s TLS certificate auth method did not initially load the optionally-configured CRL issued by the role\u2019s Certificate Authority (CA) into memory on startup, resulting in the revocation list not being checked if the CRL has not yet been retrieved.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: insufficient certificate revocation list checking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41316"
},
{
"category": "external",
"summary": "RHBZ#2135339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41316",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41316"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483",
"url": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: insufficient certificate revocation list checking"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
},
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2023-0620",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2023-04-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184663"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HashiCorp Vault and Vault Enterprise, which are vulnerable to SQL injection. This flaw allows a local authenticated attacker to send specially-crafted SQL statements to the Microsoft SQL (MSSQL) Database Storage Backend, which could allow the attacker to view, add, modify, or delete information in the backend database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0620"
},
{
"category": "external",
"summary": "RHBZ#2184663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080"
}
],
"release_date": "2023-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File"
},
{
"cve": "CVE-2023-0665",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2023-03-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182981"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Hashicorp vault. Vault\u2019s PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in a denial of service of the PKI mount. This bug did not affect public or private key material, trust chains, or certificate issuance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0665"
},
{
"category": "external",
"summary": "RHBZ#2182981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0665"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1"
}
],
"release_date": "2023-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata"
},
{
"cve": "CVE-2023-24999",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177844"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Hashicorp vault. When using the Vault and Vault Enterprise approle auth method, any authenticated user with access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint can destroy the secret ID of another role by providing the secret ID accessor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24999"
},
{
"category": "external",
"summary": "RHBZ#2177844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24999"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation"
},
{
"cve": "CVE-2023-25000",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2023-03-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Hashicorp vault. This flaw allows an attacker with access to and the ability to observe a large number of unseal operations on the host through a side channel to reduce the search space of a brute-force effort to recover the Shamir shares.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25000"
},
{
"category": "external",
"summary": "RHBZ#2182972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25000"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078"
}
],
"release_date": "2023-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-21T15:22:11+00:00",
"details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.",
"product_ids": [
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x",
"9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x",
"9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64",
"9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x",
"9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64",
"9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x",
"9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x",
"9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le",
"9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le",
"9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x",
"9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x",
"9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x",
"9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64",
"9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x",
"9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x",
"9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64",
"9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64",
"9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations"
}
]
}
RHSA-2022:4814
Vulnerability from csaf_redhat - Published: 2022-05-31 09:48 - Updated: 2025-11-21 18:31Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.6.5 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.6.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:4814",
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2057579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057579"
},
{
"category": "external",
"summary": "2072311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072311"
},
{
"category": "external",
"summary": "2074044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074044"
},
{
"category": "external",
"summary": "2074553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4814.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:31:32+00:00",
"generator": {
"date": "2025-11-21T18:31:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:4814",
"initial_release_date": "2022-05-31T09:48:42+00:00",
"revision_history": [
{
"date": "2022-05-31T09:48:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-31T09:48:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:31:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.6",
"product": {
"name": "8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.6.5-5"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.6.5-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.6.5-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.6.5-14"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.6.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.6.5-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.6.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
},
"product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-31T09:48:42+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-31T09:48:42+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
RHSA-2022:6595
Vulnerability from csaf_redhat - Published: 2022-09-20 12:27 - Updated: 2025-11-28 17:33Summary
Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update
Notes
Topic
An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.16.0), nodejs-nodemon (2.0.19). (BZ#2124230, BZ#2124233)
Security Fix(es):
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace (CVE-2022-29244)
* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)
* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)
* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)
* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)
* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2121019)
* nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2124299)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.16.0), nodejs-nodemon (2.0.19). (BZ#2124230, BZ#2124233)\n\nSecurity Fix(es):\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace (CVE-2022-29244)\n\n* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)\n\n* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)\n\n* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)\n\n* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)\n\n* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2121019)\n\n* nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2124299)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6595",
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2098556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098556"
},
{
"category": "external",
"summary": "2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "2121019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121019"
},
{
"category": "external",
"summary": "2124299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124299"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6595.json"
}
],
"title": "Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update",
"tracking": {
"current_release_date": "2025-11-28T17:33:43+00:00",
"generator": {
"date": "2025-11-28T17:33:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2022:6595",
"initial_release_date": "2022-09-20T12:27:54+00:00",
"revision_history": [
{
"date": "2022-09-20T12:27:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-20T12:27:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-28T17:33:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.src",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.src",
"product_id": "nodejs-1:16.16.0-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"product": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"product_id": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-1.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"product": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"product": {
"name": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"product_id": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.16.0-1.el9_0?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"product_id": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-1.el9_0?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.16.0-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch"
},
"product_reference": "nodejs-docs-1:16.16.0-1.el9_0.noarch",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.19-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
},
"product_reference": "nodejs-nodemon-0:2.0.19-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
},
"product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2022-29244",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2098556"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in npm. This security issue occurs because the npm pack ignores root-level \".gitignore\" and \".npmignore\" file exclusion directives when run in a workspace or with a workspace flag (for example, --workspaces, --workspace=\u003cname\u003e). Anyone who has run \u0027npm pack\u0027 or \u0027npm publish\u0027 inside a workspace has published files into the npm registry they did not intend to include. This flaw exposes sensitive information to an unauthorized user or an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29244"
},
{
"category": "external",
"summary": "RHBZ#2098556",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098556"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29244"
},
{
"category": "external",
"summary": "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52",
"url": "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52"
}
],
"release_date": "2022-06-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace"
},
{
"acknowledgments": [
{
"names": [
"Axel Chong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32212",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105422"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided (for instance, 10.0.2.555 is provided), browsers (such as Firefox) will make DNS requests to the DNS server. This issue provides a vector for an attacker-controlled DNS server or a Man-in-the-middle attack (MITM) who can spoof DNS responses to perform a rebinding attack and then connect to the WebSocket debugger allowing for arbitrary code execution on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: DNS rebinding in --inspect via invalid IP addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is a bypass of CVE-2021-22884.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32212"
},
{
"category": "external",
"summary": "RHBZ#2105422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: DNS rebinding in --inspect via invalid IP addresses"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32213",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105430"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS), causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32213"
},
{
"category": "external",
"summary": "RHBZ#2105430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32214",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105428"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows an attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to improper delimiting of header fields",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32214"
},
{
"category": "external",
"summary": "RHBZ#2105428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to improper delimiting of header fields"
},
{
"acknowledgments": [
{
"names": [
"Zeyu Zhang"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-32215",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105426"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32215"
},
{
"category": "external",
"summary": "RHBZ#2105426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"
}
],
"release_date": "2022-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding"
},
{
"cve": "CVE-2022-33987",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-06-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2102001"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `got` package for node.js. Requested URLs are not verified and allow open redirection to a local UNIX socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As got is only a transitive dependency of a development dependency of kiali OpenShift Service Mesh as well as being removed in version 2.2+, this flaw will not be fixed at this time for the openshift-istio-kiali-rhel8-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"known_not_affected": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33987"
},
{
"category": "external",
"summary": "RHBZ#2102001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/pull/2047",
"url": "https://github.com/sindresorhus/got/pull/2047"
},
{
"category": "external",
"summary": "https://github.com/sindresorhus/got/releases/tag/v11.8.5",
"url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5"
}
],
"release_date": "2022-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-20T12:27:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch",
"AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets"
}
]
}
RHSA-2022:0246
Vulnerability from csaf_redhat - Published: 2022-01-25 09:28 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027608)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027608)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0246",
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0246.json"
}
],
"title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:28:06+00:00",
"generator": {
"date": "2025-11-21T18:28:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0246",
"initial_release_date": "2022-01-25T09:28:51+00:00",
"revision_history": [
{
"date": "2022-01-25T09:28:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T09:28:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=src\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src (nodejs:14)",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.4.0%2B13503%2Bfc29810b?arch=src\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src (nodejs:14)",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"product": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch (nodejs:14)",
"product_id": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"product": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch (nodejs:14)",
"product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.4.0%2B13503%2Bfc29810b?arch=noarch\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch (nodejs:14)",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14)",
"product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14)",
"product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14)",
"product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14)",
"product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14)",
"product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14)",
"product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:14:8040020211213111158:522a0ee4"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
},
"product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
},
"product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
},
"product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
},
"product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14"
},
"product_reference": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
},
"product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14"
},
"product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64 (nodejs:14) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
},
"product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7788",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1907444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ini: Prototype pollution via malicious INI file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7788"
},
{
"category": "external",
"summary": "RHBZ#1907444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ini: Prototype pollution via malicious INI file"
},
{
"cve": "CVE-2020-28469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-glob-parent: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28469"
},
{
"category": "external",
"summary": "RHBZ#1945459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905",
"url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905"
}
],
"release_date": "2021-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-glob-parent: Regular expression denial of service"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3918",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2021-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024702"
}
],
"notes": [
{
"category": "description",
"text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-json-schema: Prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "RHBZ#2024702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918"
}
],
"release_date": "2021-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-json-schema: Prototype pollution vulnerability"
},
{
"cve": "CVE-2021-22959",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014057"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling due to spaces in headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22959"
},
{
"category": "external",
"summary": "RHBZ#2014057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling due to spaces in headers"
},
{
"cve": "CVE-2021-22960",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014059"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22960"
},
{
"category": "external",
"summary": "RHBZ#2014059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/"
}
],
"release_date": "2021-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests"
},
{
"cve": "CVE-2021-33502",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-normalize-url: ReDoS for data URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33502"
},
{
"category": "external",
"summary": "RHBZ#1964461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539",
"url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-normalize-url: ReDoS for data URLs"
},
{
"cve": "CVE-2021-37701",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37701"
},
{
"category": "external",
"summary": "RHBZ#1999731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1779",
"url": "https://www.npmjs.com/advisories/1779"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
},
{
"cve": "CVE-2021-37712",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37712"
},
{
"category": "external",
"summary": "RHBZ#1999739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"category": "external",
"summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1780",
"url": "https://www.npmjs.com/advisories/1780"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T09:28:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch::nodejs:14",
"AppStream-8.4.0.Z.EUS:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x::nodejs:14",
"AppStream-8.4.0.Z.EUS:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64::nodejs:14"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite"
}
]
}
RHSA-2022:5532
Vulnerability from csaf_redhat - Published: 2022-07-07 14:19 - Updated: 2025-11-28 00:53Summary
Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update
Notes
Topic
A minor version update (from 7.10 to 7.11) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat Fuse 7.11.0 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* fastjson (CVE-2022-25845)
* jackson-databind (CVE-2020-36518)
* mysql-connector-java (CVE-2021-2471, CVE-2022-21363)
* undertow (CVE-2022-1259, CVE-2021-3629, CVE-2022-1319)
* wildfly-elytron (CVE-2021-3642)
* nodejs-ansi-regex (CVE-2021-3807, CVE-2021-3807)
* 3 qt (CVE-2021-3859)
* kubernetes-client (CVE-2021-4178)
* spring-security (CVE-2021-22119)
* protobuf-java (CVE-2021-22569)
* google-oauth-client (CVE-2021-22573)
* XStream (CVE-2021-29505, CVE-2021-43859)
* jdom (CVE-2021-33813, CVE-2021-33813)
* apache-commons-compress (CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090)
* Kafka (CVE-2021-38153)
* xml-security (CVE-2021-40690)
* logback (CVE-2021-42550)
* netty (CVE-2021-43797)
* xnio (CVE-2022-0084)
* jdbc-postgresql (CVE-2022-21724)
* spring-expression (CVE-2022-22950)
* springframework (CVE-2021-22096, CVE-2021-22060, CVE-2021-22096, CVE-2022-22976, CVE-2022-22970, CVE-2022-22971, CVE-2022-22978)
* h2 (CVE-2022-23221)
* junrar (CVE-2022-23596)
* artemis-commons (CVE-2022-23913)
* elasticsearch (CVE-2020-7020)
* tomcat (CVE-2021-24122, CVE-2021-25329, CVE-2020-9484, CVE-2021-25122, CVE-2021-33037, CVE-2021-30640, CVE-2021-41079, CVE-2021-42340, CVE-2022-23181)
* junit4 (CVE-2020-15250)
* wildfly-core (CVE-2020-25689, CVE-2021-3644)
* kotlin (CVE-2020-29582)
* karaf (CVE-2021-41766, CVE-2022-22932)
* Spring Framework (CVE-2022-22968)
* metadata-extractor (CVE-2022-24614)
* poi-scratchpad (CVE-2022-26336)
* postgresql-jdbc (CVE-2022-26520)
* tika-core (CVE-2022-30126)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 7.10 to 7.11) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Fuse 7.11.0 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* fastjson (CVE-2022-25845)\n\n* jackson-databind (CVE-2020-36518)\n\n* mysql-connector-java (CVE-2021-2471, CVE-2022-21363)\n\n* undertow (CVE-2022-1259, CVE-2021-3629, CVE-2022-1319)\n\n* wildfly-elytron (CVE-2021-3642)\n\n* nodejs-ansi-regex (CVE-2021-3807, CVE-2021-3807)\n\n* 3 qt (CVE-2021-3859)\n\n* kubernetes-client (CVE-2021-4178)\n\n* spring-security (CVE-2021-22119)\n\n* protobuf-java (CVE-2021-22569)\n\n* google-oauth-client (CVE-2021-22573)\n\n* XStream (CVE-2021-29505, CVE-2021-43859)\n\n* jdom (CVE-2021-33813, CVE-2021-33813)\n\n* apache-commons-compress (CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090)\n\n* Kafka (CVE-2021-38153)\n\n* xml-security (CVE-2021-40690)\n\n* logback (CVE-2021-42550)\n\n* netty (CVE-2021-43797)\n\n* xnio (CVE-2022-0084)\n\n* jdbc-postgresql (CVE-2022-21724)\n\n* spring-expression (CVE-2022-22950)\n\n* springframework (CVE-2021-22096, CVE-2021-22060, CVE-2021-22096, CVE-2022-22976, CVE-2022-22970, CVE-2022-22971, CVE-2022-22978)\n\n* h2 (CVE-2022-23221)\n\n* junrar (CVE-2022-23596)\n\n* artemis-commons (CVE-2022-23913)\n\n* elasticsearch (CVE-2020-7020)\n\n* tomcat (CVE-2021-24122, CVE-2021-25329, CVE-2020-9484, CVE-2021-25122, CVE-2021-33037, CVE-2021-30640, CVE-2021-41079, CVE-2021-42340, CVE-2022-23181)\n\n* junit4 (CVE-2020-15250)\n\n* wildfly-core (CVE-2020-25689, CVE-2021-3644)\n\n* kotlin (CVE-2020-29582)\n\n* karaf (CVE-2021-41766, CVE-2022-22932)\n\n* Spring Framework (CVE-2022-22968)\n\n* metadata-extractor (CVE-2022-24614)\n\n* poi-scratchpad (CVE-2022-26336)\n\n* postgresql-jdbc (CVE-2022-26520)\n\n* tika-core (CVE-2022-30126)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5532",
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.11.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.11.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/"
},
{
"category": "external",
"summary": "1838332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838332"
},
{
"category": "external",
"summary": "1887810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887810"
},
{
"category": "external",
"summary": "1893070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893070"
},
{
"category": "external",
"summary": "1893125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893125"
},
{
"category": "external",
"summary": "1917209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917209"
},
{
"category": "external",
"summary": "1930291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930291"
},
{
"category": "external",
"summary": "1934032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934032"
},
{
"category": "external",
"summary": "1934061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934061"
},
{
"category": "external",
"summary": "1966735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966735"
},
{
"category": "external",
"summary": "1973413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973413"
},
{
"category": "external",
"summary": "1976052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976052"
},
{
"category": "external",
"summary": "1977064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977064"
},
{
"category": "external",
"summary": "1977362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362"
},
{
"category": "external",
"summary": "1981407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981407"
},
{
"category": "external",
"summary": "1981533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981533"
},
{
"category": "external",
"summary": "1981544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981544"
},
{
"category": "external",
"summary": "1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "2004820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004820"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "2010378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010378"
},
{
"category": "external",
"summary": "2011190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011190"
},
{
"category": "external",
"summary": "2014356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014356"
},
{
"category": "external",
"summary": "2020583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020583"
},
{
"category": "external",
"summary": "2031958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
},
{
"category": "external",
"summary": "2033560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033560"
},
{
"category": "external",
"summary": "2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "2034584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584"
},
{
"category": "external",
"summary": "2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "2044596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044596"
},
{
"category": "external",
"summary": "2046279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046279"
},
{
"category": "external",
"summary": "2046282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046282"
},
{
"category": "external",
"summary": "2047343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
},
{
"category": "external",
"summary": "2047417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047417"
},
{
"category": "external",
"summary": "2049778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049778"
},
{
"category": "external",
"summary": "2049783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049783"
},
{
"category": "external",
"summary": "2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "2055480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055480"
},
{
"category": "external",
"summary": "2058763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058763"
},
{
"category": "external",
"summary": "2063292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063292"
},
{
"category": "external",
"summary": "2063601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
},
{
"category": "external",
"summary": "2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "2064226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2073890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
},
{
"category": "external",
"summary": "2075441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075441"
},
{
"category": "external",
"summary": "2081879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081879"
},
{
"category": "external",
"summary": "2087214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087214"
},
{
"category": "external",
"summary": "2087272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087272"
},
{
"category": "external",
"summary": "2087274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087274"
},
{
"category": "external",
"summary": "2087606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087606"
},
{
"category": "external",
"summary": "2088523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088523"
},
{
"category": "external",
"summary": "2100654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100654"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5532.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update",
"tracking": {
"current_release_date": "2025-11-28T00:53:06+00:00",
"generator": {
"date": "2025-11-28T00:53:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2022:5532",
"initial_release_date": "2022-07-07T14:19:49+00:00",
"revision_history": [
{
"date": "2022-07-07T14:19:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-07-07T14:19:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-28T00:53:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.11",
"product": {
"name": "Red Hat Fuse 7.11",
"product_id": "Red Hat Fuse 7.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7020",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893125"
}
],
"notes": [
{
"category": "description",
"text": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7020"
},
{
"category": "external",
"summary": "RHBZ#1893125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7020",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7020"
},
{
"category": "external",
"summary": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033",
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"category": "external",
"summary": "https://www.elastic.co/community/security/",
"url": "https://www.elastic.co/community/security/"
}
],
"release_date": "2020-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure"
},
{
"cve": "CVE-2020-9484",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1838332"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in Apache Tomcat\u0027s use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: deserialization flaw in session persistence storage leading to RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Enterprise Linux 8, Red Hat Certificate System 10 and Identity Management are using the pki-servlet-engine component, which embeds a vulnerable version of Tomcat. However, in these specific contexts, the prerequisites to the vulnerability are not met. The PersistentManager is not set, and a SecurityManager is used. The use of pki-servlet-engine outside of these contexts is not supported. As a result, the vulnerability can not be triggered in supported configurations of these products. A future update may update Tomcat in pki-servlet-engine.\n\nRed Hat Satellite do not ship Tomcat and rather use its configuration. The product is not affected because configuration does not make use of PersistanceManager or FileStore. Tomcat updates can be obtain from Red Hat Enterprise Linux (RHEL) RHSA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9484"
},
{
"category": "external",
"summary": "RHBZ#1838332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9484",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9484"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9484",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9484"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5",
"url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35",
"url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35"
}
],
"release_date": "2020-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Users may configure the PersistenceManager with an appropriate value for sessionAttributeValueClassNameFilter to ensure that only application provided attributes are serialized and deserialized. For more details about the configuration, refer to the Apache Tomcat 9 Configuration Reference https://tomcat.apache.org/tomcat-9.0-doc/config/manager.html.",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: deserialization flaw in session persistence storage leading to RCE"
},
{
"cve": "CVE-2020-15250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887810"
}
],
"notes": [
{
"category": "description",
"text": "In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system\u0027s temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "junit4: TemporaryFolder is shared between all users across system which could result in information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15250"
},
{
"category": "external",
"summary": "RHBZ#1887810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887810"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15250"
},
{
"category": "external",
"summary": "https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp",
"url": "https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp"
}
],
"release_date": "2020-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "junit4: TemporaryFolder is shared between all users across system which could result in information disclosure"
},
{
"cve": "CVE-2020-25689",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893070"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where the host-controller tries to reconnect in a loop, generating new connections that are not properly closed while unable to connect to the domain controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25689"
},
{
"category": "external",
"summary": "RHBZ#1893070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25689",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25689"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25689",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25689"
}
],
"release_date": "2020-10-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller"
},
{
"cve": "CVE-2020-29582",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"discovery_date": "2021-02-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930291"
}
],
"notes": [
{
"category": "description",
"text": "In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this vulnerability because It ships kotlin-stdlib. The vulnerable component is not in kotlin-stdlib.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29582"
},
{
"category": "external",
"summary": "RHBZ#1930291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29582",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29582"
},
{
"category": "external",
"summary": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
}
],
"release_date": "2021-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure"
},
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"cve": "CVE-2021-2471",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2021-11-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2020583"
}
],
"notes": [
{
"category": "description",
"text": "MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External Entity(XXE) vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors\u0027 accessible data without any authorization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: unauthorized access to critical",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Presto component is part of the OCP Metering stack and it ships the vulnerable version of the MySQL Connector/J package. Since the release of OCP 4.6, the Metering product has been deprecated and is removed from OCP starting from 4.9 version [1], hence the affected component is marked as wontfix.\n\n[1] https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html#ocp-4-9-deprecated-removed-features",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-2471"
},
{
"category": "external",
"summary": "RHBZ#2020583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020583"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-2471",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-2471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-2471"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
}
],
"release_date": "2021-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql-connector-java: unauthorized access to critical"
},
{
"cve": "CVE-2021-3629",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1977362"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3629"
},
{
"category": "external",
"summary": "RHBZ#1977362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629"
}
],
"release_date": "2021-03-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS"
},
{
"cve": "CVE-2021-3642",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"discovery_date": "2021-06-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attack in ScramServer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3642"
},
{
"category": "external",
"summary": "RHBZ#1981407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3642"
}
],
"release_date": "2021-06-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attack in ScramServer"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-3644",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1976052"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-core: Invalid Sensitivity Classification of Vault Expression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this flaw as it does not ship the vulnerable component of wildfly.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3644"
},
{
"category": "external",
"summary": "RHBZ#1976052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3644"
}
],
"release_date": "2021-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly-core: Invalid Sensitivity Classification of Vault Expression"
},
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-3859",
"cwe": {
"id": "CWE-214",
"name": "Invocation of Process Using Visible Sensitive Information"
},
"discovery_date": "2021-09-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2010378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: client side invocation timeout raised when calling over HTTP2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3859"
},
{
"category": "external",
"summary": "RHBZ#2010378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3859",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3859"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3859",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3859"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: client side invocation timeout raised when calling over HTTP2"
},
{
"acknowledgments": [
{
"names": [
"Jordy Versmissen"
]
}
],
"cve": "CVE-2021-4178",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034388"
}
],
"notes": [
{
"category": "description",
"text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4178"
},
{
"category": "external",
"summary": "RHBZ#2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
}
],
"release_date": "2022-01-05T15:05:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
},
{
"cve": "CVE-2021-22060",
"discovery_date": "2022-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2055480"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22060"
},
{
"category": "external",
"summary": "RHBZ#2055480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22060"
}
],
"release_date": "2022-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)"
},
{
"cve": "CVE-2021-22096",
"discovery_date": "2021-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034584"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: malicious input leads to insertion of additional log entries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22096"
},
{
"category": "external",
"summary": "RHBZ#2034584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096"
}
],
"release_date": "2021-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "springframework: malicious input leads to insertion of additional log entries"
},
{
"cve": "CVE-2021-22119",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1977064"
}
],
"notes": [
{
"category": "description",
"text": "Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session or multiple sessions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22119"
},
{
"category": "external",
"summary": "RHBZ#1977064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977064"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22119",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22119"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22119",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22119"
}
],
"release_date": "2021-06-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request"
},
{
"cve": "CVE-2021-22569",
"cwe": {
"id": "CWE-696",
"name": "Incorrect Behavior Order"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: potential DoS in the parsing procedure for binary data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22569"
},
{
"category": "external",
"summary": "RHBZ#2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
"url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
}
],
"release_date": "2022-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: potential DoS in the parsing procedure for binary data"
},
{
"cve": "CVE-2021-22573",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2081879"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Google OAuth Java client\u0027s IDToken verifier, where it does not verify if the token is properly signed. This issue could allow an attacker to provide a compromised token with a custom payload that will pass the validation on the client side, allowing access to information outside of their prescribed permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: Token signature not verified",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22573"
},
{
"category": "external",
"summary": "RHBZ#2081879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081879"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22573"
},
{
"category": "external",
"summary": "https://github.com/googleapis/google-oauth-java-client/pull/872",
"url": "https://github.com/googleapis/google-oauth-java-client/pull/872"
}
],
"release_date": "2022-05-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google-oauth-client: Token signature not verified"
},
{
"cve": "CVE-2021-24122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1917209"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When serving resources from a network location using the NTFS file system, it was possible to bypass security constraints and view the source code for JSPs in some configurations. The root cause was the unexpected behavior of the JRE API File.getCanonicalPath(), which was caused by the inconsistent behavior of the Windows API (FindFirstFileW) in some circumstances. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Information disclosure when using NTFS file system",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat OpenStack Platform\u0027s OpenDaylight, tomcat is disabled by default. Further, ODL deployments are not supported on untrusted administrator networks; even if tomcat is enabled, if random users can access it, this would be in an unsupported configuration. For this reason, the RHOSP impact has been reduced and no update will be provided at this time for the ODL tomcat package.\n\nThis flaw does not affect tomcat or pki-servlet-engine as shipped with Red Hat Enterprise Linux 6, 7, or 8 because the functionality involving FindFirstFileW() is specific to the Windows native code. Additionally, RHEL is not shipped with NTFS support.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-24122"
},
{
"category": "external",
"summary": "RHBZ#1917209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-24122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24122"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-24122",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40",
"url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40"
}
],
"release_date": "2021-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Information disclosure when using NTFS file system"
},
{
"cve": "CVE-2021-25122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1934032"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A\u0027s request. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Request mix-up with h2c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8\u0027s Identity Management and Certificate System are using a vulnerable version of Tomcat that is bundled into the `pki-servlet-engine` component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. A future update may fix the code. Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 are not affected by this flaw because HTTP/2 is not supported in the shipped version of tomcat in those packages.\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-25122"
},
{
"category": "external",
"summary": "RHBZ#1934032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-25122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25122"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25122",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25122"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43"
}
],
"release_date": "2021-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Request mix-up with h2c"
},
{
"cve": "CVE-2021-25329",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1934061"
}
],
"notes": [
{
"category": "description",
"text": "The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Enterprise Linux 8, Red Hat Certificate System 10 and Identity Management are using the `pki-servlet-engine` component, which embeds a vulnerable version of Tomcat. However, in these specific contexts, the prerequisites to the vulnerability are not met. The PersistentManager is not set, and a SecurityManager is used. The use of `pki-servlet-engine` outside of these contexts is not supported. As a result, the vulnerability can not be triggered in supported configurations of these products.\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-25329"
},
{
"category": "external",
"summary": "RHBZ#1934061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934061"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-25329",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-25329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25329"
},
{
"category": "external",
"summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E",
"url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.108",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.108"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43"
}
],
"release_date": "2021-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Users may configure the PersistenceManager with an appropriate value for sessionAttributeValueClassNameFilter to ensure that only application provided attributes are serialized and deserialized. For more details about the configuration, refer to the Apache Tomcat 9 Configuration Reference https://tomcat.apache.org/tomcat-9.0-doc/config/manager.html.",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence)"
},
{
"cve": "CVE-2021-29505",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XStream. By manipulating the processed input stream, a remote attacker may be able to obtain sufficient rights to execute commands. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "XStream: remote command execution attack by manipulating the processed input stream",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) delivers Jenkins LTS package with bundled XStream library. Due to JEP-200 [1] and JEP-228 [2] Jenkins projects, OCP Jenkins package is not affected by this flaw.\n\nCodeReady Studio 12 ships a version of xstream that is affected by this flaw as a transitive dependency for the Wise framework plugin. However, the vulnerable code is not called, so this flaw has been marked as Low severity for CodeReady Studio 12.\n\n[1] https://github.com/jenkinsci/jep/blob/master/jep/200/README.adoc\n[2] https://github.com/jenkinsci/jep/blob/master/jep/228/README.adoc#security",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29505"
},
{
"category": "external",
"summary": "RHBZ#1966735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29505"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29505",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29505"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc"
},
{
"category": "external",
"summary": "https://x-stream.github.io/CVE-2021-29505.html",
"url": "https://x-stream.github.io/CVE-2021-29505.html"
}
],
"release_date": "2021-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Depending on the version of XStream used there are various usage patterns that mitigate this flaw, though we would strongly recommend using the allow list approach if at all possible as there are likely more class combinations the deny list approach may not address.\n\nAllow list approach\n```java\nXStream xstream = new XStream();\nXStream.setupDefaultSecurity(xstream);\nxstream.allowTypesByWildcard(new String[] {\"com.misc.classname\"})\n```\nDeny list for XStream 1.4.16 (this should also address some previous flaws found in 1.4.7 - \u003e 1.4.15) \n```java\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\.Lazy(?:Search)?Enumeration.*\", \"(?:java|sun)\\\\.rmi\\\\..*\" });\n```\n\nDeny list for XStream 1.4.15\n```java\nxstream.denyTypes(new String[]{ \"sun.awt.datatransfer.DataTransferer$IndexOrderComparator\", \"sun.swing.SwingLazyValue\", \"com.sun.corba.se.impl.activation.ServerTableEntry\", \"com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator\" });\nxstream.denyTypesByRegExp(new String[]{ \".*\\\\$ServiceNameIterator\", \"javafx\\\\.collections\\\\.ObservableList\\\\$.*\", \".*\\\\.bcel\\\\..*\\\\.util\\\\.ClassLoader\" });\nxstream.denyTypeHierarchy(java.io.InputStream.class );\nxstream.denyTypeHierarchy(java.nio.channels.Channel.class );\nxstream.denyTypeHierarchy(javax.activation.DataSource.class );\nxstream.denyTypeHierarchy(javax.sql.rowset.BaseRowSet.class );\n```\n\nDeny list for XStream 1.4.13\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class });\n```\n\nDeny list for XStream 1.4.7 -\u003e 1.4.12\n```java\nxstream.denyTypes(new String[]{ \"javax.imageio.ImageIO$ContainsFilter\" });\nxstream.denyTypes(new Class[]{ java.lang.ProcessBuilder.class, java.beans.EventHandler.class, java.lang.ProcessBuilder.class, java.lang.Void.class, void.class });\n```\n\nDeny list for versions prior to XStream 1.4.7\n```java\nxstream.registerConverter(new Converter() {\n public boolean canConvert(Class type) {\n return type != null \u0026\u0026 (type == java.beans.EventHandler.class || type == java.lang.ProcessBuilder.class || type == java.lang.Void.class || void.class || type.getName().equals(\"javax.imageio.ImageIO$ContainsFilter\") || Proxy.isProxy(type));\n }\n\n public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n\n public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingContext context) {\n throw new ConversionException(\"Unsupported type due to security reasons.\");\n }\n}, XStream.PRIORITY_LOW);\n```",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "XStream: remote command execution attack by manipulating the processed input stream"
},
{
"cve": "CVE-2021-30640",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981544"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: JNDI realm authentication weakness",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30640"
},
{
"category": "external",
"summary": "RHBZ#1981544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30640"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30640",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30640"
}
],
"release_date": "2021-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: JNDI realm authentication weakness"
},
{
"cve": "CVE-2021-33037",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981533"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: HTTP request smuggling when used with a reverse proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33037"
},
{
"category": "external",
"summary": "RHBZ#1981533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33037"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33037",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33037"
}
],
"release_date": "2021-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: HTTP request smuggling when used with a reverse proxy"
},
{
"cve": "CVE-2021-33813",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2021-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1973413"
}
],
"notes": [
{
"category": "description",
"text": "An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jdom: XXE allows attackers to cause a DoS via a crafted HTTP request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the hive and hadoop components that comprise the OCP metering stack, ship the vulnerable version of jdom.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nThis flaw is out of support scope for Red Hat Enterprise Linux 6 and 7. Please see the following page for more information on Red Hat Enterprise Linux support scopes: https://access.redhat.com/support/policy/updates/errata/ .\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33813"
},
{
"category": "external",
"summary": "RHBZ#1973413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33813"
}
],
"release_date": "2021-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jdom: XXE allows attackers to cause a DoS via a crafted HTTP request"
},
{
"cve": "CVE-2021-35515",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981895"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35515"
},
{
"category": "external",
"summary": "RHBZ#1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/1",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/1"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35516",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981900"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for very small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35516"
},
{
"category": "external",
"summary": "RHBZ#1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/2",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/2"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35517",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted TAR archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 TAR package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35517"
},
{
"category": "external",
"summary": "RHBZ#1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/3",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/3"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive"
},
{
"cve": "CVE-2021-36090",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981909"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 zip package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36090"
},
{
"category": "external",
"summary": "RHBZ#1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/4",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/4"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive"
},
{
"cve": "CVE-2021-38153",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2021-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2009041"
}
],
"notes": [
{
"category": "description",
"text": "Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38153"
},
{
"category": "external",
"summary": "RHBZ#2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153"
}
],
"release_date": "2021-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients"
},
{
"cve": "CVE-2021-40690",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2011190"
}
],
"notes": [
{
"category": "description",
"text": "All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the \"secureValidation\" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xml-security: XPath Transform abuse allows for information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Since OpenShift Container Platform (OCP) 4.7, the logging-elasticsearch6-container is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-40690"
},
{
"category": "external",
"summary": "RHBZ#2011190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-40690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40690"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xml-security: XPath Transform abuse allows for information disclosure"
},
{
"cve": "CVE-2021-41079",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet can trigger an infinite loop, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Infinite loop while reading an unexpected TLS packet when using OpenSSL JSSE engine",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Certificate System versions 9 and older, the version of Tomcat used is not affected by this flaw.\nIn Red Hat Certificate System 10, Tomcat is affected by this flaw. However, Tomcat is configured so that it does not use OpenSSLEngine, but the Dogtag JSS SSL implementation. As a result, the flaw can not be reached.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41079"
},
{
"category": "external",
"summary": "RHBZ#2004820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41079"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.4",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.4"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.64",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.64"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.44",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.44"
}
],
"release_date": "2021-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Infinite loop while reading an unexpected TLS packet when using OpenSSL JSSE engine"
},
{
"cve": "CVE-2021-41766",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2046282"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Karaf. This issue allows monitoring of applications and the Java runtime by using the Java Management Extensions (JMX).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "karaf: insecure java deserialization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default JMX implementation is hardened against unauthenticated deserialization attacks. The implementation used by Apache Karaf is not protected against this kind of attack. The impact of Java deserialization vulnerabilities strongly depends on the classes available within the target\u0027s classpath. Generally speaking, deserialization of untrusted data does represent a high-security risk and should be prevented. In this case, it\u0027s limited to classes system scoped classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41766"
},
{
"category": "external",
"summary": "RHBZ#2046282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41766",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41766"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41766",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41766"
}
],
"release_date": "2022-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "karaf: insecure java deserialization"
},
{
"cve": "CVE-2021-42340",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2021-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014356"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections once the WebSocket connection is closed. If a sufficient number of such requests are made, an OutOfMemoryError occurs, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenStack Platform, Tomcat is provided as a component of OpenDaylight. This flaw will not receive a fix as OpenDaylight was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.\n\nRed Hat Satellite does not include the affected Apache Tomcat, however, Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42340"
},
{
"category": "external",
"summary": "RHBZ#2014356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42340"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.12",
"url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.12"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.0-M6",
"url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.0-M6"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.72",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.72"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.54",
"url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.54"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E"
}
],
"release_date": "2021-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS"
},
{
"cve": "CVE-2021-42550",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2033560"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the logback package. When using a specially-crafted configuration, this issue could allow a remote authenticated attacker to execute arbitrary code loaded from LDAP servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "logback: remote code execution through JNDI call from within its configuration file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite shipped affected versions, however, it is not vulnerable because the product doesn\u0027t meet the conditions needed to perform the attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42550"
},
{
"category": "external",
"summary": "RHBZ#2033560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033560"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42550",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42550"
},
{
"category": "external",
"summary": "http://logback.qos.ch/news.html",
"url": "http://logback.qos.ch/news.html"
},
{
"category": "external",
"summary": "https://cve.report/CVE-2021-42550",
"url": "https://cve.report/CVE-2021-42550"
},
{
"category": "external",
"summary": "https://jira.qos.ch/browse/LOGBACK-1591",
"url": "https://jira.qos.ch/browse/LOGBACK-1591"
}
],
"release_date": "2021-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "logback: remote code execution through JNDI call from within its configuration file"
},
{
"cve": "CVE-2021-43797",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031958"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: control chars in header names may lead to HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated, hence the affected components are marked as wontfix.\nThe openshift4/ose-logging-elasticsearch6 container is marked as Out of support scope because since the release of OCP 4.7 the logging functionality is delivered as an OpenShift Logging product and OCP 4.6 is already in the Maintenance Support phase.\nA fix was introduced in netty-codec-http version 4.1.72.Final.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43797"
},
{
"category": "external",
"summary": "RHBZ#2031958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq",
"url": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: control chars in header names may lead to HTTP request smuggling"
},
{
"cve": "CVE-2021-43859",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2049783"
}
],
"notes": [
{
"category": "description",
"text": "XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Injecting highly recursive collections or maps can cause a DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43859"
},
{
"category": "external",
"summary": "RHBZ#2049783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43859"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43859",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43859"
}
],
"release_date": "2022-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Injecting highly recursive collections or maps can cause a DoS"
},
{
"cve": "CVE-2022-0084",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although the CVSS stands for 7.5 score, the impact remains Moderate as it demands previous knowledge of the environment to trigger the Denial of Service (DoS)",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0084"
},
{
"category": "external",
"summary": "RHBZ#2064226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084"
}
],
"release_date": "2022-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr"
},
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-1319",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073890"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1319"
},
{
"category": "external",
"summary": "RHBZ#2073890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
}
],
"release_date": "2022-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures"
},
{
"cve": "CVE-2022-21363",
"cwe": {
"id": "CWE-280",
"name": "Improper Handling of Insufficient Permissions or Privileges "
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2047343"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21363"
},
{
"category": "external",
"summary": "RHBZ#2047343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors"
},
{
"cve": "CVE-2022-21724",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-02-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050863"
}
],
"notes": [
{
"category": "description",
"text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21724"
},
{
"category": "external",
"summary": "RHBZ#2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4",
"url": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes"
},
{
"cve": "CVE-2022-22932",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2046279"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Karaf obr:* command, where a partial path traversal issue allows a break out of the expected folder. This entry is set by the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "karaf: path traversal flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22932"
},
{
"category": "external",
"summary": "RHBZ#2046279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046279"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22932",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22932"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22932",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22932"
}
],
"release_date": "2022-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "karaf: path traversal flaws"
},
{
"cve": "CVE-2022-22950",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2069414"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-expression: Denial of service via specially crafted SpEL expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22950"
},
{
"category": "external",
"summary": "RHBZ#2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
}
],
"release_date": "2022-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-expression: Denial of service via specially crafted SpEL expression"
},
{
"cve": "CVE-2022-22968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2075441"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: Data Binding Rules Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22968"
},
{
"category": "external",
"summary": "RHBZ#2075441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075441"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22968",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22968"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22968",
"url": "https://tanzu.vmware.com/security/cve-2022-22968"
}
],
"release_date": "2022-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Framework: Data Binding Rules Vulnerability"
},
{
"cve": "CVE-2022-22970",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a denial of service (DoS) attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: DoS via data binding to multipartFile or servlet part",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22970"
},
{
"category": "external",
"summary": "RHBZ#2087272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22970",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22970"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22970",
"url": "https://tanzu.vmware.com/security/cve-2022-22970"
}
],
"release_date": "2022-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: DoS via data binding to multipartFile or servlet part"
},
{
"cve": "CVE-2022-22971",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework Applications. Applications that use STOMP over the WebSocket endpoint are vulnerable to a denial of service attack caused by an authenticated user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: DoS with STOMP over WebSocket",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22971"
},
{
"category": "external",
"summary": "RHBZ#2087274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22971"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22971",
"url": "https://tanzu.vmware.com/security/cve-2022-22971"
}
],
"release_date": "2022-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: DoS with STOMP over WebSocket"
},
{
"cve": "CVE-2022-22976",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087214"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor (31) due to an integer overflow error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: BCrypt skips salt rounds for work factor of 31",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22976"
},
{
"category": "external",
"summary": "RHBZ#2087214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22976"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22976",
"url": "https://tanzu.vmware.com/security/cve-2022-22976"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: BCrypt skips salt rounds for work factor of 31"
},
{
"cve": "CVE-2022-22978",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can bypass some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Authorization Bypass in RegexRequestMatcher",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22978"
},
{
"category": "external",
"summary": "RHBZ#2087606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22978"
},
{
"category": "external",
"summary": "https://tanzu.vmware.com/security/cve-2022-22978",
"url": "https://tanzu.vmware.com/security/cve-2022-22978"
}
],
"release_date": "2022-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Authorization Bypass in RegexRequestMatcher"
},
{
"acknowledgments": [
{
"names": [
"Trung Pham"
],
"organization": "Viettel Cyber Security",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-23181",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2022-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2047417"
}
],
"notes": [
{
"category": "description",
"text": "The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: local privilege escalation vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Enterprise Linux 8, Red Hat Certificate System 10 and Identity Management are using the `pki-servlet-engine` component. This component embeds a version of Tomcat which is not affected by this flaw, as it does not include the fix for CVE-2020-9484. Additionally, in these specific contexts, the prerequisites to the vulnerability are not met. The PersistentManager is not set, and a SecurityManager is used. The use of `pki-servlet-engine` outside of these contexts is not supported.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23181"
},
{
"category": "external",
"summary": "RHBZ#2047417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047417"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23181",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23181"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9",
"url": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: local privilege escalation vulnerability"
},
{
"cve": "CVE-2022-23221",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "h2: Loading of custom classes from remote servers through JNDI",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23221"
},
{
"category": "external",
"summary": "RHBZ#2044596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23221"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-45hx-wfhj-473x",
"url": "https://github.com/advisories/GHSA-45hx-wfhj-473x"
}
],
"release_date": "2022-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "h2: Loading of custom classes from remote servers through JNDI"
},
{
"cve": "CVE-2022-23596",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2022-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2049778"
}
],
"notes": [
{
"category": "description",
"text": "Junrar is an open source java RAR archive library. In affected versions A carefully crafted RAR archive can trigger an infinite loop while extracting said archive. The impact depends solely on how the application uses the library, and whether files can be provided by malignant users. The problem is patched in 7.4.1. There are no known workarounds and users are advised to upgrade as soon as possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23596"
},
{
"category": "external",
"summary": "RHBZ#2049778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23596"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23596",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23596"
}
],
"release_date": "2022-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting"
},
{
"cve": "CVE-2022-23913",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2063601"
}
],
"notes": [
{
"category": "description",
"text": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis-commons: Apache ActiveMQ Artemis DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23913"
},
{
"category": "external",
"summary": "RHBZ#2063601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
"url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"
}
],
"release_date": "2022-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "artemis-commons: Apache ActiveMQ Artemis DoS"
},
{
"cve": "CVE-2022-24614",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-02-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2058763"
}
],
"notes": [
{
"category": "description",
"text": "When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "metadata-extractor: Out-of-memory when reading a specially crafted JPEG file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24614"
},
{
"category": "external",
"summary": "RHBZ#2058763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24614"
}
],
"release_date": "2022-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "metadata-extractor: Out-of-memory when reading a specially crafted JPEG file"
},
{
"cve": "CVE-2022-25845",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2100654"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in com.alibaba:fastjson, a fast JSON parser/generator for Java. Affected versions of this package are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fastjson: autoType shutdown restriction bypass leads to deserialization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25845"
},
{
"category": "external",
"summary": "RHBZ#2100654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25845"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222"
}
],
"release_date": "2022-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
},
{
"category": "workaround",
"details": "Users who can not upgrade to the fixed version may enable safeMode; this completely disables the autoType function and eliminates the vulnerability risk. [https://github.com/alibaba/fastjson/wiki/fastjson_safemode]",
"product_ids": [
"Red Hat Fuse 7.11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fastjson: autoType shutdown restriction bypass leads to deserialization"
},
{
"cve": "CVE-2022-26336",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2063292"
}
],
"notes": [
{
"category": "description",
"text": "A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the application allows untrusted users to supply them, then a carefully crafted file can cause an Out of Memory exception. This issue affects poi-scratchpad version 5.2.0 and prior versions. Users are recommended to upgrade to poi-scratchpad 5.2.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26336"
},
{
"category": "external",
"summary": "RHBZ#2063292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26336"
}
],
"release_date": "2022-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception"
},
{
"cve": "CVE-2022-26520",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2022-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064007"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Arbitrary File Write Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat informs that although there\u0027s a difference from NVD CVSSv3 score there\u0027s a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it\u0027s needed. This require non-default configuration and also it\u0027s not expected to allow an untrusted user to perform this kind of setting.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26520"
},
{
"category": "external",
"summary": "RHBZ#2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26520"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "postgresql-jdbc: Arbitrary File Write Vulnerability"
},
{
"cve": "CVE-2022-30126",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-05-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2088523"
}
],
"notes": [
{
"category": "description",
"text": "In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tika-core: Regular Expression Denial of Service in standards extractor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30126"
},
{
"category": "external",
"summary": "RHBZ#2088523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30126"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30126",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30126"
}
],
"release_date": "2022-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-07T14:19:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5532"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tika-core: Regular Expression Denial of Service in standards extractor"
}
]
}
RHSA-2022_5555
Vulnerability from csaf_redhat - Published: 2022-07-14 12:56 - Updated: 2024-11-22 21:43Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.1] security, bug fix and update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)
* apache-commons-compress: infinite loop when reading a specially crafted 7Z archive (CVE-2021-35515)
* apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive (CVE-2021-35516)
* apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive (CVE-2021-35517)
* apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive (CVE-2021-36090)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)
* semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding (CVE-2022-31051)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)\n\n* apache-commons-compress: infinite loop when reading a specially crafted 7Z archive (CVE-2021-35515)\n\n* apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive (CVE-2021-35516)\n\n* apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive (CVE-2021-35517)\n\n* apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive (CVE-2021-36090)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)\n\n* semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding (CVE-2022-31051)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5555",
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1663217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663217"
},
{
"category": "external",
"summary": "1782077",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782077"
},
{
"category": "external",
"summary": "1849045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849045"
},
{
"category": "external",
"summary": "1852308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852308"
},
{
"category": "external",
"summary": "1958032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958032"
},
{
"category": "external",
"summary": "1966615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615"
},
{
"category": "external",
"summary": "1976607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976607"
},
{
"category": "external",
"summary": "1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "1994144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994144"
},
{
"category": "external",
"summary": "2001574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001574"
},
{
"category": "external",
"summary": "2001923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001923"
},
{
"category": "external",
"summary": "2006625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006625"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2030293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030293"
},
{
"category": "external",
"summary": "2068270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2068270"
},
{
"category": "external",
"summary": "2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "2070045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070045"
},
{
"category": "external",
"summary": "2072626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072626"
},
{
"category": "external",
"summary": "2081241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081241"
},
{
"category": "external",
"summary": "2081559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081559"
},
{
"category": "external",
"summary": "2089856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089856"
},
{
"category": "external",
"summary": "2092885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092885"
},
{
"category": "external",
"summary": "2093795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093795"
},
{
"category": "external",
"summary": "2097414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097414"
},
{
"category": "external",
"summary": "2099650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099650"
},
{
"category": "external",
"summary": "2105296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5555.json"
}
],
"title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.1] security, bug fix and update",
"tracking": {
"current_release_date": "2024-11-22T21:43:36+00:00",
"generator": {
"date": "2024-11-22T21:43:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:5555",
"initial_release_date": "2022-07-14T12:56:49+00:00",
"revision_history": [
{
"date": "2022-07-14T12:56:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-07-14T12:56:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:43:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product": {
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.4:el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"product_id": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"product": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"product_id": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"product": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"product_id": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"product": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"product_id": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql-jdbc@42.2.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"product": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"product_id": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.6-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"product": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"product_id": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-compress@1.21-1.2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"product": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"product_id": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.5.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.4-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"product": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"product_id": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.1.2-0.11.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"product": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"product_id": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.9.0-1.el8ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"product_id": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"product": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"product_id": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"product": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"product_id": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql-jdbc@42.2.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"product": {
"name": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"product_id": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql-jdbc-javadoc@42.2.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"product": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"product_id": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.6-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"product": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"product_id": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-compress@1.21-1.2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"product": {
"name": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"product_id": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-compress-javadoc@1.21-1.2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"product": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"product_id": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.5.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.4-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-backend@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"product": {
"name": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"product_id": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm@4.5.1.2-0.11.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"product": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"product_id": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.9.0-1.el8ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch"
},
"product_reference": "apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-compress-0:1.21-1.2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src"
},
"product_reference": "apache-commons-compress-0:1.21-1.2.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
},
"product_reference": "apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch"
},
"product_reference": "ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-dependencies-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
},
"product_reference": "ovirt-dependencies-0:4.5.2-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src"
},
"product_reference": "ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src"
},
"product_reference": "ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch"
},
"product_reference": "ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-log-collector-0:4.4.6-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src"
},
"product_reference": "ovirt-log-collector-0:4.4.6-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch"
},
"product_reference": "ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.9.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
},
"product_reference": "ovirt-web-ui-0:1.9.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch"
},
"product_reference": "postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-0:42.2.14-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src"
},
"product_reference": "postgresql-jdbc-0:42.2.14-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch"
},
"product_reference": "postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-0:4.5.1.2-0.11.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch"
},
"product_reference": "rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch"
},
"product_reference": "rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
},
"product_reference": "rhvm-branding-rhv-0:4.5.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-22096",
"discovery_date": "2021-12-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034584"
}
],
"notes": [
{
"category": "description",
"text": "In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: malicious input leads to insertion of additional log entries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22096"
},
{
"category": "external",
"summary": "RHBZ#2034584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22096"
}
],
"release_date": "2021-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "springframework: malicious input leads to insertion of additional log entries"
},
{
"cve": "CVE-2021-33623",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-trim-newlines. Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-trim-newlines: ReDoS in .end() method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) grafana-container does package a vulnerable verison of nodejs trim-newlines. However due to the instance being read only and behind OpenShift OAuth, the impact by this vulnerability is Low. Red Hat Advanced Cluster Management for Kubernetes (ACM) containers affected by this flaw are only accessible to authenticated users, thus the impact of this vulnerability is Low. \nRed Hat Virtualization (RHV) does package a vulnerable version of nodejs-trim-newlines. However, no untrusted content is being parsed therefore the impact of this vulnerability is Low.\n\nThe hosted services are shipped with the vulnerable packages, however the vulnerable methods were not identified in use at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33623"
},
{
"category": "external",
"summary": "RHBZ#1966615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623"
}
],
"release_date": "2021-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-trim-newlines: ReDoS in .end() method"
},
{
"cve": "CVE-2021-35515",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981895"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35515"
},
{
"category": "external",
"summary": "RHBZ#1981895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981895"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35515"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/1",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/1"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: infinite loop when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35516",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981900"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for very small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 SevenZ package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35516"
},
{
"category": "external",
"summary": "RHBZ#1981900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981900"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35516"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/2",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/2"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive"
},
{
"cve": "CVE-2021-35517",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted TAR archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 TAR package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35517"
},
{
"category": "external",
"summary": "RHBZ#1981903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35517"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/3",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/3"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive"
},
{
"cve": "CVE-2021-36090",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981909"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress\u0027 zip package. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"known_not_affected": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36090"
},
{
"category": "external",
"summary": "RHBZ#1981909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36090"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2021/07/13/4",
"url": "http://www.openwall.com/lists/oss-security/2021/07/13/4"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-compress/security-reports.html",
"url": "https://commons.apache.org/proper/commons-compress/security-reports.html"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive"
},
{
"cve": "CVE-2022-22950",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2069414"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-expression: Denial of service via specially crafted SpEL expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22950"
},
{
"category": "external",
"summary": "RHBZ#2069414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
}
],
"release_date": "2022-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-expression: Denial of service via specially crafted SpEL expression"
},
{
"cve": "CVE-2022-31051",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2097414"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in semantic-release. Secrets that are normally masked are accidentally disclosed if they contain characters excluded from uri encoding by `encodeURI()`. The vulnerability is further limited to execution contexts where push access to the related repository is unavailable without modifying the repository URL to inject credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31051"
},
{
"category": "external",
"summary": "RHBZ#2097414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31051",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31051"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31051",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31051"
},
{
"category": "external",
"summary": "https://github.com/semantic-release/semantic-release/security/advisories/GHSA-x2pg-mjhr-2m5x",
"url": "https://github.com/semantic-release/semantic-release/security/advisories/GHSA-x2pg-mjhr-2m5x"
}
],
"release_date": "2022-06-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-14T12:56:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5555"
},
{
"category": "workaround",
"details": "Users should ensure that secrets that do not contain characters that are excluded from encoding with `encodeURI` when included in a URL that is already masked properly.",
"product_ids": [
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:apache-commons-compress-0:1.21-1.2.el8ev.src",
"8Base-RHV-S-4.4:apache-commons-compress-javadoc-0:1.21-1.2.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.5.1.2-0.11.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.3-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.3-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.4-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.6-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:postgresql-jdbc-0:42.2.14-1.el8ev.src",
"8Base-RHV-S-4.4:postgresql-jdbc-javadoc-0:42.2.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.14-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.5.1.2-0.11.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.5.0-1.el8ev.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.9.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding"
}
]
}
RHSA-2022_5483
Vulnerability from csaf_redhat - Published: 2022-07-01 09:52 - Updated: 2024-12-10 17:36Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.7.2 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.7.2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5483",
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2038898",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038898"
},
{
"category": "external",
"summary": "2040693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040693"
},
{
"category": "external",
"summary": "2040695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040695"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2048537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048537"
},
{
"category": "external",
"summary": "2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "2055658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055658"
},
{
"category": "external",
"summary": "2056962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056962"
},
{
"category": "external",
"summary": "2058172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058172"
},
{
"category": "external",
"summary": "2058529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058529"
},
{
"category": "external",
"summary": "2061335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061335"
},
{
"category": "external",
"summary": "2062266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062266"
},
{
"category": "external",
"summary": "2062862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062862"
},
{
"category": "external",
"summary": "2074675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074675"
},
{
"category": "external",
"summary": "2076593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076593"
},
{
"category": "external",
"summary": "2076599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076599"
},
{
"category": "external",
"summary": "2078459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078459"
},
{
"category": "external",
"summary": "2079252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079252"
},
{
"category": "external",
"summary": "2082221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082221"
},
{
"category": "external",
"summary": "2082225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082225"
},
{
"category": "external",
"summary": "2088022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088022"
},
{
"category": "external",
"summary": "2088026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088026"
},
{
"category": "external",
"summary": "2089126",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089126"
},
{
"category": "external",
"summary": "2089411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089411"
},
{
"category": "external",
"summary": "2089859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089859"
},
{
"category": "external",
"summary": "2090317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090317"
},
{
"category": "external",
"summary": "2096939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096939"
},
{
"category": "external",
"summary": "2100486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100486"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5483.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-10T17:36:45+00:00",
"generator": {
"date": "2024-12-10T17:36:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:5483",
"initial_release_date": "2022-07-01T09:52:30+00:00",
"revision_history": [
{
"date": "2022-07-01T09:52:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-07-01T09:52:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-10T17:36:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.7",
"product": {
"name": "8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.7.2-5"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"product": {
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"product_id": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-legacy-rhel8-operator\u0026tag=v1.7.2-19"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.7.2-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.7.2-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.7.2-18"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.7.2-19"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.7.2-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.7.2-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.7.2-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.7.2-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"product": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.7.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64"
},
"product_reference": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
},
"product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-01T09:52:30+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-01T09:52:30+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-0536",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-02-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053259"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0536"
},
{
"category": "external",
"summary": "RHBZ#2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536"
}
],
"release_date": "2022-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-01T09:52:30+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:12634213bd9cc156040443170c744d5d74bf0fbfc09a003fd24687265802315d_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:49c4d1d018cfe3cf36b1e32e3b5ff786d67032005a27a9f3918f94a0c43a2a16_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:6f882ba9232f847055af791246fbe9da70ffae4b478bc6a7bba90d7d21cf7946_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:aadfd9a92a70a1d18ebcdefe6c9ce9a8e7ab7e8b7d1a5e73a062d99d18997e0e_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:44309e4ecd3e796de6659864bd6aedac334d14ad1adf2ce65fe9ac1c9d889d91_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:697a0375f3ff849b4b3d17c203ba8df25d194482655932de7af1bdd35b4cc07a_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:7ac7b18d9c211169962890a2333fd72974406dbd8942feb8c9df0e05929bbb7b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:f54941290c1381334b4767a0e13d3e3f7c415f7391f676b70628d898d6ff4cb2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:7240fbb6ab13949cbc48485e0c30b6e7082f4e0bd505173cf0c33926c98720d9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:647fd52462128ba60ae9db9d3b1a8c3559dd944f43ca19126478d60d998bf029_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:5e829c1a838510d26a31a4a6e459bb1daabf145a17e1df62dbf137dadd4cb5b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:3ca8294a9be3ca32a25f9083661fcae16a297a8cb487a9c30e9397f172f6edc9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:03191a4eba3db81aa04c6f28419b685ab4f877ef9db29997dac098cb900ce3b4_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:b952ae7f6662ad82c054f213a19f243186059e787ae28243b504dd4f24a98610_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:f1e6241861004c7c0e4df612473e824bbb3431d85f25fa1b91e0889f511f504f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:3ea042d0a976879d939ec0d669855590b5b0ef0735623b31b21b21b2c4091d4c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak"
}
]
}
SUSE-SU-2022:0704-1
Vulnerability from csaf_suse - Published: 2022-03-03 17:27 - Updated: 2022-03-03 17:27Summary
Security update for nodejs8
Notes
Title of the patch
Security update for nodejs8
Description of the patch
This update for nodejs8 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
SUSE-2022-704,SUSE-SLE-Product-HPC-15-2022-704,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-704,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-704,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-704,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-704,SUSE-SLE-Product-SLES-15-2022-704,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-704,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-704,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-704,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-704,SUSE-SLE-Product-SLES_SAP-15-2022-704,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-704,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-704,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-704,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-704,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-704,SUSE-Storage-6-2022-704,SUSE-Storage-7-2022-704
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs8 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-704,SUSE-SLE-Product-HPC-15-2022-704,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-704,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-704,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-704,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-704,SUSE-SLE-Product-SLES-15-2022-704,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-704,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-704,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-704,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-704,SUSE-SLE-Product-SLES_SAP-15-2022-704,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-704,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-704,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-704,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-704,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-704,SUSE-Storage-6-2022-704,SUSE-Storage-7-2022-704",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0704-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0704-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220704-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0704-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010344.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs8",
"tracking": {
"current_release_date": "2022-03-03T17:27:07Z",
"generator": {
"date": "2022-03-03T17:27:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0704-1",
"initial_release_date": "2022-03-03T17:27:07Z",
"revision_history": [
{
"date": "2022-03-03T17:27:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.aarch64",
"product": {
"name": "nodejs8-8.17.0-10.19.2.aarch64",
"product_id": "nodejs8-8.17.0-10.19.2.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"product_id": "nodejs8-devel-8.17.0-10.19.2.aarch64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.aarch64",
"product": {
"name": "npm8-8.17.0-10.19.2.aarch64",
"product_id": "npm8-8.17.0-10.19.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.i586",
"product": {
"name": "nodejs8-8.17.0-10.19.2.i586",
"product_id": "nodejs8-8.17.0-10.19.2.i586"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.i586",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.i586",
"product_id": "nodejs8-devel-8.17.0-10.19.2.i586"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.i586",
"product": {
"name": "npm8-8.17.0-10.19.2.i586",
"product_id": "npm8-8.17.0-10.19.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-common-2.0-3.4.1.noarch",
"product": {
"name": "nodejs-common-2.0-3.4.1.noarch",
"product_id": "nodejs-common-2.0-3.4.1.noarch"
}
},
{
"category": "product_version",
"name": "nodejs8-docs-8.17.0-10.19.2.noarch",
"product": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch",
"product_id": "nodejs8-docs-8.17.0-10.19.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.ppc64le",
"product": {
"name": "nodejs8-8.17.0-10.19.2.ppc64le",
"product_id": "nodejs8-8.17.0-10.19.2.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"product_id": "nodejs8-devel-8.17.0-10.19.2.ppc64le"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.ppc64le",
"product": {
"name": "npm8-8.17.0-10.19.2.ppc64le",
"product_id": "npm8-8.17.0-10.19.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.s390x",
"product": {
"name": "nodejs8-8.17.0-10.19.2.s390x",
"product_id": "nodejs8-8.17.0-10.19.2.s390x"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.s390x",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.s390x",
"product_id": "nodejs8-devel-8.17.0-10.19.2.s390x"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.s390x",
"product": {
"name": "npm8-8.17.0-10.19.2.s390x",
"product_id": "npm8-8.17.0-10.19.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.x86_64",
"product": {
"name": "nodejs8-8.17.0-10.19.2.x86_64",
"product_id": "nodejs8-8.17.0-10.19.2.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"product_id": "nodejs8-devel-8.17.0-10.19.2.x86_64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.x86_64",
"product": {
"name": "npm8-8.17.0-10.19.2.x86_64",
"product_id": "npm8-8.17.0-10.19.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64"
},
"product_reference": "npm8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64"
},
"product_reference": "npm8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x"
},
"product_reference": "nodejs8-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64"
},
"product_reference": "npm8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "npm8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x"
},
"product_reference": "npm8-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "npm8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x"
},
"product_reference": "nodejs8-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "npm8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x"
},
"product_reference": "npm8-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-common-2.0-3.4.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch"
},
"product_reference": "nodejs-common-2.0-3.4.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64"
},
"product_reference": "npm8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:27:07Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:27:07Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:27:07Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:27:07Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs-common-2.0-3.4.1.noarch",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Enterprise Storage 7:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.aarch64",
"SUSE Enterprise Storage 7:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs-common-2.0-3.4.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm8-8.17.0-10.19.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Proxy 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Proxy 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Proxy 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Retail Branch Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Retail Branch Server 4.1:npm8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs-common-2.0-3.4.1.noarch",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:nodejs8-devel-8.17.0-10.19.2.x86_64",
"SUSE Manager Server 4.1:nodejs8-docs-8.17.0-10.19.2.noarch",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.ppc64le",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.s390x",
"SUSE Manager Server 4.1:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:27:07Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
SUSE-SU-2022:0569-1
Vulnerability from csaf_suse - Published: 2022-02-24 09:35 - Updated: 2022-02-24 09:35Summary
Security update for nodejs14
Notes
Title of the patch
Security update for nodejs14
Description of the patch
This update for nodejs14 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
SUSE-2022-569,SUSE-SLE-Module-Web-Scripting-12-2022-569
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs14",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs14 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-569,SUSE-SLE-Module-Web-Scripting-12-2022-569",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0569-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0569-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220569-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0569-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010307.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs14",
"tracking": {
"current_release_date": "2022-02-24T09:35:23Z",
"generator": {
"date": "2022-02-24T09:35:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0569-1",
"initial_release_date": "2022-02-24T09:35:23Z",
"revision_history": [
{
"date": "2022-02-24T09:35:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-6.24.1.aarch64",
"product": {
"name": "corepack14-14.19.0-6.24.1.aarch64",
"product_id": "corepack14-14.19.0-6.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-6.24.1.aarch64",
"product": {
"name": "nodejs14-14.19.0-6.24.1.aarch64",
"product_id": "nodejs14-14.19.0-6.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-6.24.1.aarch64",
"product": {
"name": "nodejs14-devel-14.19.0-6.24.1.aarch64",
"product_id": "nodejs14-devel-14.19.0-6.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-6.24.1.aarch64",
"product": {
"name": "npm14-14.19.0-6.24.1.aarch64",
"product_id": "npm14-14.19.0-6.24.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-6.24.1.i586",
"product": {
"name": "corepack14-14.19.0-6.24.1.i586",
"product_id": "corepack14-14.19.0-6.24.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-6.24.1.i586",
"product": {
"name": "nodejs14-14.19.0-6.24.1.i586",
"product_id": "nodejs14-14.19.0-6.24.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-6.24.1.i586",
"product": {
"name": "nodejs14-devel-14.19.0-6.24.1.i586",
"product_id": "nodejs14-devel-14.19.0-6.24.1.i586"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-6.24.1.i586",
"product": {
"name": "npm14-14.19.0-6.24.1.i586",
"product_id": "npm14-14.19.0-6.24.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-docs-14.19.0-6.24.1.noarch",
"product": {
"name": "nodejs14-docs-14.19.0-6.24.1.noarch",
"product_id": "nodejs14-docs-14.19.0-6.24.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-6.24.1.ppc64le",
"product": {
"name": "corepack14-14.19.0-6.24.1.ppc64le",
"product_id": "corepack14-14.19.0-6.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-6.24.1.ppc64le",
"product": {
"name": "nodejs14-14.19.0-6.24.1.ppc64le",
"product_id": "nodejs14-14.19.0-6.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-6.24.1.ppc64le",
"product": {
"name": "nodejs14-devel-14.19.0-6.24.1.ppc64le",
"product_id": "nodejs14-devel-14.19.0-6.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-6.24.1.ppc64le",
"product": {
"name": "npm14-14.19.0-6.24.1.ppc64le",
"product_id": "npm14-14.19.0-6.24.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-6.24.1.s390x",
"product": {
"name": "corepack14-14.19.0-6.24.1.s390x",
"product_id": "corepack14-14.19.0-6.24.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-6.24.1.s390x",
"product": {
"name": "nodejs14-14.19.0-6.24.1.s390x",
"product_id": "nodejs14-14.19.0-6.24.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-6.24.1.s390x",
"product": {
"name": "nodejs14-devel-14.19.0-6.24.1.s390x",
"product_id": "nodejs14-devel-14.19.0-6.24.1.s390x"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-6.24.1.s390x",
"product": {
"name": "npm14-14.19.0-6.24.1.s390x",
"product_id": "npm14-14.19.0-6.24.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-6.24.1.x86_64",
"product": {
"name": "corepack14-14.19.0-6.24.1.x86_64",
"product_id": "corepack14-14.19.0-6.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-6.24.1.x86_64",
"product": {
"name": "nodejs14-14.19.0-6.24.1.x86_64",
"product_id": "nodejs14-14.19.0-6.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-6.24.1.x86_64",
"product": {
"name": "nodejs14-devel-14.19.0-6.24.1.x86_64",
"product_id": "nodejs14-devel-14.19.0-6.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-6.24.1.x86_64",
"product": {
"name": "npm14-14.19.0-6.24.1.x86_64",
"product_id": "npm14-14.19.0-6.24.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-6.24.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-6.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-6.24.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le"
},
"product_reference": "nodejs14-14.19.0-6.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-6.24.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x"
},
"product_reference": "nodejs14-14.19.0-6.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-6.24.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-6.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-6.24.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-6.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-6.24.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le"
},
"product_reference": "nodejs14-devel-14.19.0-6.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-6.24.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x"
},
"product_reference": "nodejs14-devel-14.19.0-6.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-6.24.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-6.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-6.24.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-6.24.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-6.24.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64"
},
"product_reference": "npm14-14.19.0-6.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-6.24.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le"
},
"product_reference": "npm14-14.19.0-6.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-6.24.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x"
},
"product_reference": "npm14-14.19.0-6.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-6.24.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
},
"product_reference": "npm14-14.19.0-6.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:23Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:23Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:23Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:23Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-devel-14.19.0-6.24.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs14-docs-14.19.0-6.24.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm14-14.19.0-6.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:23Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
SUSE-SU-2023:2578-1
Vulnerability from csaf_suse - Published: 2023-06-21 11:49 - Updated: 2023-06-21 11:49Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
bind:
- Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro
- There are no source changes
dracut-saltboot:
- Update to version 0.1.1681904360.84ef141
* Load network configuration even when missing protocol version (bsc#1210640)
grafana:
- Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):
* Security fixes:
- CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)
- CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests
(bnc#1210907)
- CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)
- CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)
- CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)
- CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)
- CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)
- CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)
- CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
- CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)
- CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes
('Prototype Pollution') (bsc#1192696)
- CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)
- CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function
* Important changes:
- Default named retention policies won't be used to query.
Users who have a default named retention policy in their influxdb database, have to rename it to something else.
To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy
from dropdown and save the panel/dashboard.
- Grafana Alerting rules with NoDataState configuration set to Alerting will now respect 'For' duration.
- Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role
manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes
to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it
will default to false.
- The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version
as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all
InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior.
In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4
and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:
Remove the affected panel and re-create it or edit the `time` field as `Time` in `panel.json`
or `dashboard.json`
- The `@grafana/ui` package helper function `selectOptionInTest` used in frontend tests has been removed as it
caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function
in your tests please update your code accordingly.
- Removed deprecated `checkHealth` prop from the `@grafana/e2e` `addDataSource` configuration. Previously this
value defaulted to `false`, and has not been used in end-to-end tests since Grafana 8.0.3.
- Removed the deprecated `LegacyBaseMap`, `LegacyValueMapping`, `LegacyValueMap`, and `LegacyRangeMap` types, and
`getMappedValue` function from grafana-data. See the documentation for the migration.
This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the
database, or error in querying the database would cause all alert rules to be unscheduled in Grafana.
Following this change scheduled alert rules are not updated unless the query is successful.
- The `get_alert_rules_duration_seconds` metric has been renamed to `schedule_query_alert_rules_duration_seconds`
- Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0
won't be decryptable from any previous version (by default) because the way encrypted secrets are stored into the
database has changed. Although secrets created or modified with previous versions will still be decryptable by
Grafana v9.0.
- If required, although generally discouraged, the `disableEnvelopeEncryption` feature toggle can be enabled to
keep envelope encryption disabled once updating to Grafana
- In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being
created or modified any secret with Grafana v9.0, the `envelopeEncryption` feature toggle will need to be enabled
to keep backwards compatibility (only from `v8.3.x` a bit unstable, from `8.5.x` stable).
- As a final attempt to deal with issues related with the aforementioned situations, the
`grafana-cli admin secrets-migration rollback` command has been designed to move back all the Grafana secrets
encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to
disable envelope encryption and/or roll back to a previous version of Grafana.
Alternatively or complementarily to all the points above, backing up the Grafana database before updating could
be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those
updates/created with after updating to Grafana v9.0).
- In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode
please switch to server access mode on the datasource configuration page.
- Environment variables passed from Grafana to external Azure plugins have been renamed:
`AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`,
`AZURE_MANAGED_IDENTITY_ENABLED` renamed to `GFAZPL_MANAGED_IDENTITY_ENABLED`,
`AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`.
There are no known plugins which were relying on these variables. Moving forward plugins should read Azure
settings only via Grafana Azure SDK which properly handles old and new environment variables.
- Removes support for for ElasticSearch versions after their end-of-life, currently versions < 7.10.0.
To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.
- Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally
removed in 9.0. Deprecated queries will no longer be executed.
- grafana/ui: Button now specifies a default type='button'.
The `Button` component provided by @grafana/ui now specifies a default `type='button'` when no type is provided.
In previous versions, if the attribute was not specified for buttons associated with a `<form>` the
default value was `submit` per the specification. You can preserve the old behavior by explicitly setting the
type attribute: `<Button type='submit' />`
- The `Rename by regex` transformation has been improved to allow global patterns of the form
`/<stringToReplace>/g`.
Depending on the regex match used, this may cause some transformations to behave slightly differently. You can
guarantee the same behaviour as before by wrapping the `match` string in forward slashes (`/`), e.g. `(.*)` would
become `/(.*)/`
- `<Select />` menus will now portal to the document body by default. This is to give more consistent
behaviour when positioning and overlaying. If you were setting`menuShouldPortal={true}` before you can safely
remove that prop and behaviour will be the same. If you weren't explicitly setting that prop, there should be no
visible changes in behaviour but your tests may need updating. If you were setting `menuShouldPortal={false}`
this will continue to prevent the menu from portalling.
- Grafana alerting endpoint prefixed with `api/v1/rule/test` that tests a rule against a Corte/Loki data source now
expects the data source UID as a path parameter instead of the data source numeric identifier.
- Grafana alerting endpoints prefixed with `api/prometheus/` that proxy requests to a Cortex/Loki data source now
expect the data source UID as a path parameter instead of the data source numeric identifier.
- Grafana alerting endpoints prefixed with `api/ruler/` that proxy requests to a Cortex/Loki data source now expect
the data source UID as a path parameter instead of the data
- Grafana alerting endpoints prefixed with `api/alertmanager/` that proxy requests to an Alertmanager now expect
the data source UID as a path parameter instead of the data source numeric identifier.
- The format of log messages have been updated, `lvl` is now `level` and `eror`and `dbug` has been replaced with
`error` and `debug`. The precision of timestamps has been increased.
To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle
`oldlog`.
This option will be removed in a future minor release.
- In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more
efficient format. The query-result is represented by a single dataframe with a 'labels' column, instead of the
separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the
dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or
Transforms were used, adjustments may be necessary. For example, if you used the 'labels to fields'
transformation with the logs data, please switch to the 'extract fields' transformation.
* Deprecations:
- The `grafana_database_conn_*` metrics are deprecated, and will be removed in a future version of Grafana. Use
the `go_sql_stats_*` metrics instead.
- Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when
navigating to Explore using the deprecated format the URLs are automatically converted. If you have
existing links pointing to Explore update them using the format generated by Explore upon navigation.
You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as
an array of strings, for example `&left=['now-1h','now'...]`. The standard explore URLs follow a key/value
pattern, for example `&left={'datasource':'test'...}`. Please be sure to check your dashboards for any
hardcoded links to Explore and update them to the standard URL pattern.
- Chore: Remove deprecated DataSourceAPI methods.
- Data: Remove deprecated types and functions from valueMappings.
- Elasticsearch: Remove browser access mode.
- Elasticsearch: Remove support for versions after their end of the life (<7.10.0).
- Explore: Remove support for legacy, compact format URLs.
- Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.
- `setExploreQueryField`, `setExploreMetricsQueryField` and `setExploreLogsQueryField` are now deprecated and will
be removed in a future release. If you need to set a different query editor for Explore, conditionally render
based on `props.app` in your regular query editor.
* Changes:
- User: Fix externalUserId not being populated.
If you used any of these components please use them from grafana/experimental from now on:
- AccessoryButton
- EditorFieldGroup
- EditorHeader
- EditorField
- EditorRow
- EditorList
- EditorRows
- EditorSwitch
- FlexItem
- Stack
- InlineSelect
- InputGroup
- Space
- Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by
setting the `useLegacyHeatmapPanel` feature flag to true. It can be tested on a single dashbobard by adding
`?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.
- Logger: Enable new logging format by default.
- Loki: Enable new visual query builder by default.
- Plugins: Remove plugin list panel.
- Install wrapper scripts under /usr/sbin
- Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink
for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)
- Chore: Upgrade typescript to 4.6.4.
mgr-daemon:
- Version 4.3.7-1
* Update translation strings
spacecmd:
- Version 4.3.21-1
* fix argument parsing of distribution_update (bsc#1210458)
- Version 4.3.20-1
* Display activation key details after executing the corresponding command (bsc#1208719)
* Show targetted packages before actually removing them (bsc#1207830)
uyuni-common-libs:
- Version 4.3.8-1
* Allow default component for context manager
zypp-plugin-spacewalk:
- 1.0.14
* SPEC cleanup
Patchnames
SUSE-2023-2578,SUSE-SLE-Manager-Tools-15-2023-2578,SUSE-SLE-Manager-Tools-For-Micro-5-2023-2578,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-2578,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2023-2578,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2578,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2578,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2578,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2578,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2578,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2578,SUSE-Storage-7-2023-2578,openSUSE-SLE-15.4-2023-2578,openSUSE-SLE-15.5-2023-2578
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nbind:\n\n- Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro\n- There are no source changes \n \ndracut-saltboot:\n\n- Update to version 0.1.1681904360.84ef141 \n * Load network configuration even when missing protocol version (bsc#1210640)\n\ngrafana:\n \n- Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):\n * Security fixes:\n - CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)\n - CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests\n (bnc#1210907)\n - CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)\n - CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)\n - CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)\n - CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)\n - CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)\n - CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)\n - CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor\n - CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)\n - CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes\n (\u0027Prototype Pollution\u0027) (bsc#1192696)\n - CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)\n - CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function \n * Important changes:\n - Default named retention policies won\u0027t be used to query.\n Users who have a default named retention policy in their influxdb database, have to rename it to something else.\n To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy\n from dropdown and save the panel/dashboard.\n - Grafana Alerting rules with NoDataState configuration set to Alerting will now respect \u0027For\u0027 duration.\n - Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role\n manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes\n to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it\n will default to false.\n - The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version\n as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all\n InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior. \n In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4\n and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:\n Remove the affected panel and re-create it or edit the `time` field as `Time` in `panel.json` \n or `dashboard.json`\n - The `@grafana/ui` package helper function `selectOptionInTest` used in frontend tests has been removed as it\n caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function\n in your tests please update your code accordingly.\n - Removed deprecated `checkHealth` prop from the `@grafana/e2e` `addDataSource` configuration. Previously this\n value defaulted to `false`, and has not been used in end-to-end tests since Grafana 8.0.3.\n - Removed the deprecated `LegacyBaseMap`, `LegacyValueMapping`, `LegacyValueMap`, and `LegacyRangeMap` types, and\n `getMappedValue` function from grafana-data. See the documentation for the migration.\n This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the\n database, or error in querying the database would cause all alert rules to be unscheduled in Grafana. \n Following this change scheduled alert rules are not updated unless the query is successful.\n - The `get_alert_rules_duration_seconds` metric has been renamed to `schedule_query_alert_rules_duration_seconds`\n - Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0\n won\u0027t be decryptable from any previous version (by default) because the way encrypted secrets are stored into the\n database has changed. Although secrets created or modified with previous versions will still be decryptable by\n Grafana v9.0.\n - If required, although generally discouraged, the `disableEnvelopeEncryption` feature toggle can be enabled to\n keep envelope encryption disabled once updating to Grafana\n - In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being\n created or modified any secret with Grafana v9.0, the `envelopeEncryption` feature toggle will need to be enabled\n to keep backwards compatibility (only from `v8.3.x` a bit unstable, from `8.5.x` stable).\n - As a final attempt to deal with issues related with the aforementioned situations, the \n `grafana-cli admin secrets-migration rollback` command has been designed to move back all the Grafana secrets\n encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to\n disable envelope encryption and/or roll back to a previous version of Grafana.\n Alternatively or complementarily to all the points above, backing up the Grafana database before updating could\n be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those \n updates/created with after updating to Grafana v9.0).\n - In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode\n please switch to server access mode on the datasource configuration page.\n - Environment variables passed from Grafana to external Azure plugins have been renamed:\n `AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`,\n `AZURE_MANAGED_IDENTITY_ENABLED` renamed to `GFAZPL_MANAGED_IDENTITY_ENABLED`,\n `AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`.\n There are no known plugins which were relying on these variables. Moving forward plugins should read Azure\n settings only via Grafana Azure SDK which properly handles old and new environment variables.\n - Removes support for for ElasticSearch versions after their end-of-life, currently versions \u003c 7.10.0.\n To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.\n - Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally\n removed in 9.0. Deprecated queries will no longer be executed.\n - grafana/ui: Button now specifies a default type=\u0027button\u0027.\n The `Button` component provided by @grafana/ui now specifies a default `type=\u0027button\u0027` when no type is provided.\n In previous versions, if the attribute was not specified for buttons associated with a `\u003cform\u003e` the\n default value was `submit` per the specification. You can preserve the old behavior by explicitly setting the\n type attribute: `\u003cButton type=\u0027submit\u0027 /\u003e`\n - The `Rename by regex` transformation has been improved to allow global patterns of the form \n `/\u003cstringToReplace\u003e/g`.\n Depending on the regex match used, this may cause some transformations to behave slightly differently. You can\n guarantee the same behaviour as before by wrapping the `match` string in forward slashes (`/`), e.g. `(.*)` would\n become `/(.*)/`\n - `\u003cSelect /\u003e` menus will now portal to the document body by default. This is to give more consistent\n behaviour when positioning and overlaying. If you were setting`menuShouldPortal={true}` before you can safely \n remove that prop and behaviour will be the same. If you weren\u0027t explicitly setting that prop, there should be no\n visible changes in behaviour but your tests may need updating. If you were setting `menuShouldPortal={false}`\n this will continue to prevent the menu from portalling.\n - Grafana alerting endpoint prefixed with `api/v1/rule/test` that tests a rule against a Corte/Loki data source now\n expects the data source UID as a path parameter instead of the data source numeric identifier.\n - Grafana alerting endpoints prefixed with `api/prometheus/` that proxy requests to a Cortex/Loki data source now\n expect the data source UID as a path parameter instead of the data source numeric identifier.\n - Grafana alerting endpoints prefixed with `api/ruler/` that proxy requests to a Cortex/Loki data source now expect\n the data source UID as a path parameter instead of the data\n - Grafana alerting endpoints prefixed with `api/alertmanager/` that proxy requests to an Alertmanager now expect\n the data source UID as a path parameter instead of the data source numeric identifier.\n - The format of log messages have been updated, `lvl` is now `level` and `eror`and `dbug` has been replaced with\n `error` and `debug`. The precision of timestamps has been increased.\n To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle\n `oldlog`.\n This option will be removed in a future minor release.\n - In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more\n efficient format. The query-result is represented by a single dataframe with a \u0027labels\u0027 column, instead of the\n separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the\n dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or\n Transforms were used, adjustments may be necessary. For example, if you used the \u0027labels to fields\u0027 \n transformation with the logs data, please switch to the \u0027extract fields\u0027 transformation.\n * Deprecations:\n - The `grafana_database_conn_*` metrics are deprecated, and will be removed in a future version of Grafana. Use \n the `go_sql_stats_*` metrics instead.\n - Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when\n navigating to Explore using the deprecated format the URLs are automatically converted. If you have\n existing links pointing to Explore update them using the format generated by Explore upon navigation.\n You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as\n an array of strings, for example `\u0026left=[\u0027now-1h\u0027,\u0027now\u0027...]`. The standard explore URLs follow a key/value\n pattern, for example `\u0026left={\u0027datasource\u0027:\u0027test\u0027...}`. Please be sure to check your dashboards for any\n hardcoded links to Explore and update them to the standard URL pattern.\n - Chore: Remove deprecated DataSourceAPI methods.\n - Data: Remove deprecated types and functions from valueMappings.\n - Elasticsearch: Remove browser access mode.\n - Elasticsearch: Remove support for versions after their end of the life (\u003c7.10.0).\n - Explore: Remove support for legacy, compact format URLs.\n - Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.\n - `setExploreQueryField`, `setExploreMetricsQueryField` and `setExploreLogsQueryField` are now deprecated and will\n be removed in a future release. If you need to set a different query editor for Explore, conditionally render\n based on `props.app` in your regular query editor.\n * Changes:\n - User: Fix externalUserId not being populated.\n If you used any of these components please use them from grafana/experimental from now on:\n - AccessoryButton\n - EditorFieldGroup\n - EditorHeader\n - EditorField\n - EditorRow\n - EditorList\n - EditorRows\n - EditorSwitch\n - FlexItem\n - Stack\n - InlineSelect\n - InputGroup\n - Space\n - Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by\n setting the `useLegacyHeatmapPanel` feature flag to true. It can be tested on a single dashbobard by adding\n `?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.\n - Logger: Enable new logging format by default.\n - Loki: Enable new visual query builder by default.\n - Plugins: Remove plugin list panel.\n - Install wrapper scripts under /usr/sbin\n - Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink \n for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)\n - Chore: Upgrade typescript to 4.6.4.\n\nmgr-daemon:\n\n- Version 4.3.7-1\n * Update translation strings\n\nspacecmd:\n\n- Version 4.3.21-1\n * fix argument parsing of distribution_update (bsc#1210458)\n- Version 4.3.20-1\n * Display activation key details after executing the corresponding command (bsc#1208719)\n * Show targetted packages before actually removing them (bsc#1207830)\n\nuyuni-common-libs:\n\n- Version 4.3.8-1\n * Allow default component for context manager\n\nzypp-plugin-spacewalk:\n\n- 1.0.14\n * SPEC cleanup\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2578,SUSE-SLE-Manager-Tools-15-2023-2578,SUSE-SLE-Manager-Tools-For-Micro-5-2023-2578,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-2578,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2023-2578,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2578,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2578,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2578,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2578,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2578,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2578,SUSE-Storage-7-2023-2578,openSUSE-SLE-15.4-2023-2578,openSUSE-SLE-15.5-2023-2578",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2578-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2578-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232578-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2578-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029951.html"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1201535",
"url": "https://bugzilla.suse.com/1201535"
},
{
"category": "self",
"summary": "SUSE Bug 1201539",
"url": "https://bugzilla.suse.com/1201539"
},
{
"category": "self",
"summary": "SUSE Bug 1203185",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "self",
"summary": "SUSE Bug 1203596",
"url": "https://bugzilla.suse.com/1203596"
},
{
"category": "self",
"summary": "SUSE Bug 1203597",
"url": "https://bugzilla.suse.com/1203597"
},
{
"category": "self",
"summary": "SUSE Bug 1203599",
"url": "https://bugzilla.suse.com/1203599"
},
{
"category": "self",
"summary": "SUSE Bug 1204501",
"url": "https://bugzilla.suse.com/1204501"
},
{
"category": "self",
"summary": "SUSE Bug 1207830",
"url": "https://bugzilla.suse.com/1207830"
},
{
"category": "self",
"summary": "SUSE Bug 1208719",
"url": "https://bugzilla.suse.com/1208719"
},
{
"category": "self",
"summary": "SUSE Bug 1209645",
"url": "https://bugzilla.suse.com/1209645"
},
{
"category": "self",
"summary": "SUSE Bug 1210458",
"url": "https://bugzilla.suse.com/1210458"
},
{
"category": "self",
"summary": "SUSE Bug 1210640",
"url": "https://bugzilla.suse.com/1210640"
},
{
"category": "self",
"summary": "SUSE Bug 1210907",
"url": "https://bugzilla.suse.com/1210907"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31107 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1387 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1410 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1410/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2023-06-21T11:49:43Z",
"generator": {
"date": "2023-06-21T11:49:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2578-1",
"initial_release_date": "2023-06-21T11:49:43Z",
"revision_history": [
{
"date": "2023-06-21T11:49:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "bind-9.16.6-150000.12.65.1.aarch64",
"product_id": "bind-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"product_id": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"product_id": "bind-devel-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"product_id": "bind-utils-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.1-150000.1.48.5.aarch64",
"product": {
"name": "grafana-9.5.1-150000.1.48.5.aarch64",
"product_id": "grafana-9.5.1-150000.1.48.5.aarch64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"product_id": "libbind9-1600-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"product_id": "libdns1605-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"product_id": "libirs-devel-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"product_id": "libirs1601-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"product_id": "libisc1606-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"product_id": "libisccc1600-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"product_id": "libisccfg1600-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-150000.12.65.1.aarch64",
"product": {
"name": "libns1604-9.16.6-150000.12.65.1.aarch64",
"product_id": "libns1604-9.16.6-150000.12.65.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"product_id": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"product": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"product_id": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-150000.1.6.1.aarch64",
"product": {
"name": "python3-yarl-1.3.0-150000.1.6.1.aarch64",
"product_id": "python3-yarl-1.3.0-150000.1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-150000.1.12.3.aarch64",
"product": {
"name": "wire-0.5.0-150000.1.12.3.aarch64",
"product_id": "wire-0.5.0-150000.1.12.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-devel-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "bind-devel-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "bind-devel-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libns1604-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product": {
"name": "libns1604-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"product_id": "libns1604-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-150000.12.65.1.i586",
"product": {
"name": "bind-9.16.6-150000.12.65.1.i586",
"product_id": "bind-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-150000.12.65.1.i586",
"product": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.i586",
"product_id": "bind-chrootenv-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-150000.12.65.1.i586",
"product": {
"name": "bind-devel-9.16.6-150000.12.65.1.i586",
"product_id": "bind-devel-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-150000.12.65.1.i586",
"product": {
"name": "bind-utils-9.16.6-150000.12.65.1.i586",
"product_id": "bind-utils-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "grafana-9.5.1-150000.1.48.5.i586",
"product": {
"name": "grafana-9.5.1-150000.1.48.5.i586",
"product_id": "grafana-9.5.1-150000.1.48.5.i586"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.i586",
"product_id": "libbind9-1600-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libdns1605-9.16.6-150000.12.65.1.i586",
"product_id": "libdns1605-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libirs-devel-9.16.6-150000.12.65.1.i586",
"product_id": "libirs-devel-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libirs1601-9.16.6-150000.12.65.1.i586",
"product_id": "libirs1601-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libisc1606-9.16.6-150000.12.65.1.i586",
"product_id": "libisc1606-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libisccc1600-9.16.6-150000.12.65.1.i586",
"product_id": "libisccc1600-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.i586",
"product_id": "libisccfg1600-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-150000.12.65.1.i586",
"product": {
"name": "libns1604-9.16.6-150000.12.65.1.i586",
"product_id": "libns1604-9.16.6-150000.12.65.1.i586"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.i586",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.i586",
"product_id": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.i586"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.i586",
"product": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.i586",
"product_id": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.i586"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-150000.1.6.1.i586",
"product": {
"name": "python3-yarl-1.3.0-150000.1.6.1.i586",
"product_id": "python3-yarl-1.3.0-150000.1.6.1.i586"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-150000.1.12.3.i586",
"product": {
"name": "wire-0.5.0-150000.1.12.3.i586",
"product_id": "wire-0.5.0-150000.1.12.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-doc-9.16.6-150000.12.65.1.noarch",
"product": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch",
"product_id": "bind-doc-9.16.6-150000.12.65.1.noarch"
}
},
{
"category": "product_version",
"name": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"product": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"product_id": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch"
}
},
{
"category": "product_version",
"name": "mgr-daemon-4.3.7-150000.1.41.1.noarch",
"product": {
"name": "mgr-daemon-4.3.7-150000.1.41.1.noarch",
"product_id": "mgr-daemon-4.3.7-150000.1.41.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"product": {
"name": "python2-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"product_id": "python2-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.6-150000.12.65.1.noarch",
"product": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch",
"product_id": "python3-bind-9.16.6-150000.12.65.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"product": {
"name": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"product_id": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.3.21-150000.3.98.1.noarch",
"product": {
"name": "spacecmd-4.3.21-150000.3.98.1.noarch",
"product_id": "spacecmd-4.3.21-150000.3.98.1.noarch"
}
},
{
"category": "product_version",
"name": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"product": {
"name": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"product_id": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "bind-9.16.6-150000.12.65.1.ppc64le",
"product_id": "bind-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"product_id": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "bind-devel-9.16.6-150000.12.65.1.ppc64le",
"product_id": "bind-devel-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "bind-utils-9.16.6-150000.12.65.1.ppc64le",
"product_id": "bind-utils-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.1-150000.1.48.5.ppc64le",
"product": {
"name": "grafana-9.5.1-150000.1.48.5.ppc64le",
"product_id": "grafana-9.5.1-150000.1.48.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libdns1605-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libdns1605-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libirs-devel-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libirs1601-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libirs1601-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libisc1606-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libisc1606-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libisccc1600-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-150000.12.65.1.ppc64le",
"product": {
"name": "libns1604-9.16.6-150000.12.65.1.ppc64le",
"product_id": "libns1604-9.16.6-150000.12.65.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"product_id": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"product": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"product_id": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-150000.1.6.1.ppc64le",
"product": {
"name": "python3-yarl-1.3.0-150000.1.6.1.ppc64le",
"product_id": "python3-yarl-1.3.0-150000.1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-150000.1.12.3.ppc64le",
"product": {
"name": "wire-0.5.0-150000.1.12.3.ppc64le",
"product_id": "wire-0.5.0-150000.1.12.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "bind-9.16.6-150000.12.65.1.s390x",
"product_id": "bind-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"product_id": "bind-chrootenv-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "bind-devel-9.16.6-150000.12.65.1.s390x",
"product_id": "bind-devel-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "bind-utils-9.16.6-150000.12.65.1.s390x",
"product_id": "bind-utils-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.1-150000.1.48.5.s390x",
"product": {
"name": "grafana-9.5.1-150000.1.48.5.s390x",
"product_id": "grafana-9.5.1-150000.1.48.5.s390x"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.s390x",
"product_id": "libbind9-1600-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libdns1605-9.16.6-150000.12.65.1.s390x",
"product_id": "libdns1605-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libirs-devel-9.16.6-150000.12.65.1.s390x",
"product_id": "libirs-devel-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libirs1601-9.16.6-150000.12.65.1.s390x",
"product_id": "libirs1601-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libisc1606-9.16.6-150000.12.65.1.s390x",
"product_id": "libisc1606-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libisccc1600-9.16.6-150000.12.65.1.s390x",
"product_id": "libisccc1600-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.s390x",
"product_id": "libisccfg1600-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-150000.12.65.1.s390x",
"product": {
"name": "libns1604-9.16.6-150000.12.65.1.s390x",
"product_id": "libns1604-9.16.6-150000.12.65.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"product_id": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"product": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"product_id": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-150000.1.6.1.s390x",
"product": {
"name": "python3-yarl-1.3.0-150000.1.6.1.s390x",
"product_id": "python3-yarl-1.3.0-150000.1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-150000.1.12.3.s390x",
"product": {
"name": "wire-0.5.0-150000.1.12.3.s390x",
"product_id": "wire-0.5.0-150000.1.12.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "bind-9.16.6-150000.12.65.1.x86_64",
"product_id": "bind-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"product_id": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"product_id": "bind-devel-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "bind-devel-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"product_id": "bind-utils-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.1-150000.1.48.5.x86_64",
"product": {
"name": "grafana-9.5.1-150000.1.48.5.x86_64",
"product_id": "grafana-9.5.1-150000.1.48.5.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"product_id": "libbind9-1600-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"product_id": "libdns1605-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libdns1605-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"product_id": "libirs-devel-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"product_id": "libirs1601-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libirs1601-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"product_id": "libisc1606-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libisc1606-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"product_id": "libisccc1600-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"product_id": "libisccfg1600-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64",
"product_id": "libns1604-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"product": {
"name": "libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"product_id": "libns1604-32bit-9.16.6-150000.12.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"product_id": "python2-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"product": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"product_id": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-150000.1.6.1.x86_64",
"product": {
"name": "python3-yarl-1.3.0-150000.1.6.1.x86_64",
"product_id": "python3-yarl-1.3.0-150000.1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-150000.1.12.3.x86_64",
"product": {
"name": "wire-0.5.0-150000.1.12.3.x86_64",
"product_id": "wire-0.5.0-150000.1.12.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.2",
"product": {
"name": "SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.3",
"product": {
"name": "SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch"
},
"product_reference": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150000.1.48.5.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64"
},
"product_reference": "grafana-9.5.1-150000.1.48.5.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150000.1.48.5.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le"
},
"product_reference": "grafana-9.5.1-150000.1.48.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150000.1.48.5.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x"
},
"product_reference": "grafana-9.5.1-150000.1.48.5.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150000.1.48.5.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64"
},
"product_reference": "grafana-9.5.1-150000.1.48.5.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-daemon-4.3.7-150000.1.41.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch"
},
"product_reference": "mgr-daemon-4.3.7-150000.1.41.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64"
},
"product_reference": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le"
},
"product_reference": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x"
},
"product_reference": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64"
},
"product_reference": "python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
},
"product_reference": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.21-150000.3.98.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch"
},
"product_reference": "spacecmd-4.3.21-150000.3.98.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
},
"product_reference": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch"
},
"product_reference": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
},
"product_reference": "libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
},
"product_reference": "libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
},
"product_reference": "libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
},
"product_reference": "libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
},
"product_reference": "libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32"
},
"product_reference": "libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
},
"product_reference": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
},
"product_reference": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
},
"product_reference": "python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch"
},
"product_reference": "zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-150000.12.65.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "bind-doc-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-150000.12.65.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-150000.12.65.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch"
},
"product_reference": "python3-bind-9.16.6-150000.12.65.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch"
},
"product_reference": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-32bit-9.16.6-150000.12.65.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64"
},
"product_reference": "libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.21-150000.3.98.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch"
},
"product_reference": "spacecmd-4.3.21-150000.3.98.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64"
},
"product_reference": "wire-0.5.0-150000.1.12.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le"
},
"product_reference": "wire-0.5.0-150000.1.12.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x"
},
"product_reference": "wire-0.5.0-150000.1.12.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64"
},
"product_reference": "wire-0.5.0-150000.1.12.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch"
},
"product_reference": "dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.21-150000.3.98.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch"
},
"product_reference": "spacecmd-4.3.21-150000.3.98.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64"
},
"product_reference": "wire-0.5.0-150000.1.12.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le"
},
"product_reference": "wire-0.5.0-150000.1.12.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x"
},
"product_reference": "wire-0.5.0-150000.1.12.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wire-0.5.0-150000.1.12.3.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
},
"product_reference": "wire-0.5.0-150000.1.12.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-31097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31097"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31097",
"url": "https://www.suse.com/security/cve/CVE-2022-31097"
},
{
"category": "external",
"summary": "SUSE Bug 1201535 for CVE-2022-31097",
"url": "https://bugzilla.suse.com/1201535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2022-31097"
},
{
"cve": "CVE-2022-31107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31107"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user\u0027s external user id is not already associated with an account in Grafana, the malicious user\u0027s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user\u0027s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31107",
"url": "https://www.suse.com/security/cve/CVE-2022-31107"
},
{
"category": "external",
"summary": "SUSE Bug 1201539 for CVE-2022-31107",
"url": "https://bugzilla.suse.com/1201539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2022-31107"
},
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-35957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-35957"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-35957",
"url": "https://www.suse.com/security/cve/CVE-2022-35957"
},
{
"category": "external",
"summary": "SUSE Bug 1203597 for CVE-2022-35957",
"url": "https://bugzilla.suse.com/1203597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "moderate"
}
],
"title": "CVE-2022-35957"
},
{
"cve": "CVE-2022-36062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36062"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36062",
"url": "https://www.suse.com/security/cve/CVE-2022-36062"
},
{
"category": "external",
"summary": "SUSE Bug 1203596 for CVE-2022-36062",
"url": "https://bugzilla.suse.com/1203596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "moderate"
}
],
"title": "CVE-2022-36062"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-46146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46146"
}
],
"notes": [
{
"category": "general",
"text": "Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users\u0027 bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46146",
"url": "https://www.suse.com/security/cve/CVE-2022-46146"
},
{
"category": "external",
"summary": "SUSE Bug 1208046 for CVE-2022-46146",
"url": "https://bugzilla.suse.com/1208046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "important"
}
],
"title": "CVE-2022-46146"
},
{
"cve": "CVE-2023-1387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1387"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1387",
"url": "https://www.suse.com/security/cve/CVE-2023-1387"
},
{
"category": "external",
"summary": "SUSE Bug 1210907 for CVE-2023-1387",
"url": "https://bugzilla.suse.com/1210907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "moderate"
}
],
"title": "CVE-2023-1387"
},
{
"cve": "CVE-2023-1410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1410"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1410",
"url": "https://www.suse.com/security/cve/CVE-2023-1410"
},
{
"category": "external",
"summary": "SUSE Bug 1209645 for CVE-2023-1410",
"url": "https://bugzilla.suse.com/1209645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Enterprise Storage 7:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Enterprise Storage 7:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-chrootenv-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-doc-9.16.6-150000.12.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs-devel-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Client Tools 15:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.1-150000.1.48.5.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.7-150000.1.41.1.noarch",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.aarch64",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.ppc64le",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.s390x",
"SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.8-150000.1.33.1.x86_64",
"SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.21-150000.3.98.1.noarch",
"SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:bind-utils-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libbind9-1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libdns1605-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libirs1601-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisc1606-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccc1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-64bit-9.16.6-150000.12.65.1.aarch64_ilp32",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libisccfg1600-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:libns1604-9.16.6-150000.12.65.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:python3-bind-9.16.6-150000.12.65.1.noarch",
"SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.14-150000.3.35.1.noarch",
"openSUSE Leap 15.4:bind-devel-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.4:libbind9-1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libdns1605-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libirs1601-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisc1606-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccc1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libisccfg1600-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:libns1604-32bit-9.16.6-150000.12.65.1.x86_64",
"openSUSE Leap 15.4:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.4:wire-0.5.0-150000.1.12.3.x86_64",
"openSUSE Leap 15.5:dracut-saltboot-0.1.1681904360.84ef141-150000.1.50.1.noarch",
"openSUSE Leap 15.5:spacecmd-4.3.21-150000.3.98.1.noarch",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.aarch64",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.ppc64le",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.s390x",
"openSUSE Leap 15.5:wire-0.5.0-150000.1.12.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:49:43Z",
"details": "moderate"
}
],
"title": "CVE-2023-1410"
}
]
}
SUSE-RU-2024:0511-1
Vulnerability from csaf_suse - Published: 2024-02-15 13:42 - Updated: 2024-02-15 13:42Summary
Recommended update for grafana
Notes
Title of the patch
Recommended update for grafana
Description of the patch
This update for grafana fixes the following issues:
- Fixed changelog entries for the Bugzilla trackers related to previously implemented security fixes
(no source code changes)
Patchnames
SUSE-2024-511,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-511,openSUSE-SLE-15.5-2024-511
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for grafana",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for grafana fixes the following issues:\n\n- Fixed changelog entries for the Bugzilla trackers related to previously implemented security fixes \n (no source code changes)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-511,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-511,openSUSE-SLE-15.5-2024-511",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2024_0511-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2024:0511-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20240511-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2024:0511-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-February/034231.html"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1218843",
"url": "https://bugzilla.suse.com/1218843"
},
{
"category": "self",
"summary": "SUSE Bug 1218844",
"url": "https://bugzilla.suse.com/1218844"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
}
],
"title": "Recommended update for grafana",
"tracking": {
"current_release_date": "2024-02-15T13:42:44Z",
"generator": {
"date": "2024-02-15T13:42:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2024:0511-1",
"initial_release_date": "2024-02-15T13:42:44Z",
"revision_history": [
{
"date": "2024-02-15T13:42:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.8-150200.3.53.2.aarch64",
"product": {
"name": "grafana-9.5.8-150200.3.53.2.aarch64",
"product_id": "grafana-9.5.8-150200.3.53.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.8-150200.3.53.2.i586",
"product": {
"name": "grafana-9.5.8-150200.3.53.2.i586",
"product_id": "grafana-9.5.8-150200.3.53.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.8-150200.3.53.2.ppc64le",
"product": {
"name": "grafana-9.5.8-150200.3.53.2.ppc64le",
"product_id": "grafana-9.5.8-150200.3.53.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.8-150200.3.53.2.s390x",
"product": {
"name": "grafana-9.5.8-150200.3.53.2.s390x",
"product_id": "grafana-9.5.8-150200.3.53.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.8-150200.3.53.2.x86_64",
"product": {
"name": "grafana-9.5.8-150200.3.53.2.x86_64",
"product_id": "grafana-9.5.8-150200.3.53.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150200.3.53.2.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
},
"product_reference": "grafana-9.5.8-150200.3.53.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:42:44Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:42:44Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:42:44Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:42:44Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.8-150200.3.53.2.x86_64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.aarch64",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.s390x",
"openSUSE Leap 15.5:grafana-9.5.8-150200.3.53.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:42:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
}
]
}
SUSE-SU-2024:0486-1
Vulnerability from csaf_suse - Published: 2024-02-15 13:35 - Updated: 2024-02-15 13:35Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-lusitaniae-apache_exporter:
- Do not strip if SUSE Linux Enterprise 15 SP3
- Exclude debug for Red Hat Enterprise Linux >= 8
- Build with Go >= 1.20 when the OS is not Red Hat Enterprise Linux
golang-github-prometheus-alertmanager:
- Create position independent executables (PIE)
- Add System/Monitoring group tag
- Update to version 0.26.0 (jsc#PED-7353):
https://github.com/prometheus/alertmanager/releases/tag/v0.26.0
* CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint
in the Alertmanager UI (bsc#1218838)
* Configuration: Fix empty list of receivers and inhibit_rules
would cause the alertmanager to crash
* Templating: Fixed a race condition when using the title
function. It is now race-safe
* API: Fixed duplicate receiver names in the api/v2/receivers API
endpoint
* API: Attempting to delete a silence now returns the correct
status code, 404 instead of 500
* Clustering: Fixes a panic when tls_client_config is empty
* Webhook: url is now marked as a secret. It will no longer show
up in the logs as clear-text
* Metrics: New label reason for
alertmanager_notifications_failed_total metric to indicate the
type of error of the alert delivery
* Clustering: New flag --cluster.label, to help to block any
traffic that is not meant for the cluster
* Integrations: Add Microsoft Teams as a supported integration
- Update to version 0.25.0:
https://github.com/prometheus/alertmanager/releases/tag/v0.25.0
* Fail configuration loading if api_key and api_key_file are
defined at the same time
* Fix the alertmanager_alerts metric to avoid counting resolved
alerts as active. Also added a new alertmanager_marked_alerts
metric that retain the old behavior
* Trim contents of Slack API URLs when reading from files
* amtool: Avoid panic when the label value matcher is empty
* Fail configuration loading if api_url is empty for OpsGenie
* Fix email template for resolved notifications
* Add proxy_url support for OAuth2 in HTTP client configuration
* Reload TLS certificate and key from disk when updated
* Add Discord integration
* Add Webex integration
* Add min_version support to select the minimum TLS version in
HTTP client configuration
* Add max_version support to select the maximum TLS version in
* Emit warning logs when truncating messages in notifications
* Support HEAD method for the /-/healty and /-/ready endpoints
* Add support for reading global and local SMTP passwords from
files
* UI: Add 'Link' button to alerts in list
* UI: Allow to choose the first day of the week as Sunday or
Monday
- Update to version 0.24.0:
https://github.com/prometheus/alertmanager/releases/tag/v0.24.0
* Fix HTTP client configuration for the SNS receiver
* Fix unclosed file descriptor after reading the silences
snapshot file
* Fix field names for mute_time_intervals in JSON marshaling
* Ensure that the root route doesn't have any matchers
* Truncate the message's title to 1024 chars to avoid hitting
Slack limits
* Fix the default HTML email template (email.default.html) to
match with the canonical source
* Detect SNS FIFO topic based on the rendered value
* Avoid deleting and recreating a silence when an update is
possible
* api/v2: Return 200 OK when deleting an expired silence
* amtool: Fix the silence's end date when adding a silence. The
end date is (start date + duration) while it used to be
(current time + duration). The new behavior is consistent with
the update operation
* Add the /api/v2 prefix to all endpoints in the OpenAPI
specification and generated client code
* Add --cluster.tls-config experimental flag to secure cluster
traffic via mutual TLS
* Add Telegram integration
mgr-daemon:
- Version 4.3.8-1
* Update translation strings
prometheus-postgres_exporter:
- Remove duplicated call to systemd requirements
- Do not build debug if Red Hat Enterprise Linux >= 8
- Do not strip if SUSE Linux Enterprise 15 SP3
- Build at least with with Go >= 1.18 on Red Hat Enterprise Linux
- Build with Go >= 1.20 elsewhere
spacecmd:
- Version 4.3.26-1
* Update translation strings
spacewalk-client-tools:
- Version 4.3.18-1
* Update translation strings
Patchnames
SUSE-2024-486,SUSE-SLE-Manager-Tools-12-2024-486
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Exclude debug for Red Hat Enterprise Linux \u003e= 8\n- Build with Go \u003e= 1.20 when the OS is not Red Hat Enterprise Linux\n\ngolang-github-prometheus-alertmanager:\n\n- Create position independent executables (PIE)\n- Add System/Monitoring group tag\n- Update to version 0.26.0 (jsc#PED-7353):\n https://github.com/prometheus/alertmanager/releases/tag/v0.26.0\n * CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint\n in the Alertmanager UI (bsc#1218838)\n * Configuration: Fix empty list of receivers and inhibit_rules\n would cause the alertmanager to crash\n * Templating: Fixed a race condition when using the title\n function. It is now race-safe\n * API: Fixed duplicate receiver names in the api/v2/receivers API\n endpoint\n * API: Attempting to delete a silence now returns the correct\n status code, 404 instead of 500\n * Clustering: Fixes a panic when tls_client_config is empty\n * Webhook: url is now marked as a secret. It will no longer show\n up in the logs as clear-text\n * Metrics: New label reason for\n alertmanager_notifications_failed_total metric to indicate the\n type of error of the alert delivery\n * Clustering: New flag --cluster.label, to help to block any\n traffic that is not meant for the cluster\n * Integrations: Add Microsoft Teams as a supported integration\n- Update to version 0.25.0:\n https://github.com/prometheus/alertmanager/releases/tag/v0.25.0\n * Fail configuration loading if api_key and api_key_file are\n defined at the same time\n * Fix the alertmanager_alerts metric to avoid counting resolved\n alerts as active. Also added a new alertmanager_marked_alerts\n metric that retain the old behavior\n * Trim contents of Slack API URLs when reading from files\n * amtool: Avoid panic when the label value matcher is empty\n * Fail configuration loading if api_url is empty for OpsGenie\n * Fix email template for resolved notifications\n * Add proxy_url support for OAuth2 in HTTP client configuration\n * Reload TLS certificate and key from disk when updated\n * Add Discord integration\n * Add Webex integration\n * Add min_version support to select the minimum TLS version in\n HTTP client configuration\n * Add max_version support to select the maximum TLS version in\n * Emit warning logs when truncating messages in notifications\n * Support HEAD method for the /-/healty and /-/ready endpoints\n * Add support for reading global and local SMTP passwords from\n files\n * UI: Add \u0027Link\u0027 button to alerts in list\n * UI: Allow to choose the first day of the week as Sunday or\n Monday\n- Update to version 0.24.0:\n https://github.com/prometheus/alertmanager/releases/tag/v0.24.0\n * Fix HTTP client configuration for the SNS receiver\n * Fix unclosed file descriptor after reading the silences\n snapshot file\n * Fix field names for mute_time_intervals in JSON marshaling\n * Ensure that the root route doesn\u0027t have any matchers\n * Truncate the message\u0027s title to 1024 chars to avoid hitting\n Slack limits\n * Fix the default HTML email template (email.default.html) to\n match with the canonical source\n * Detect SNS FIFO topic based on the rendered value\n * Avoid deleting and recreating a silence when an update is\n possible\n * api/v2: Return 200 OK when deleting an expired silence\n * amtool: Fix the silence\u0027s end date when adding a silence. The\n end date is (start date + duration) while it used to be\n (current time + duration). The new behavior is consistent with\n the update operation\n * Add the /api/v2 prefix to all endpoints in the OpenAPI\n specification and generated client code\n * Add --cluster.tls-config experimental flag to secure cluster\n traffic via mutual TLS\n * Add Telegram integration\n\nmgr-daemon:\n\n- Version 4.3.8-1\n * Update translation strings\n\nprometheus-postgres_exporter:\n\n- Remove duplicated call to systemd requirements\n- Do not build debug if Red Hat Enterprise Linux \u003e= 8\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Build at least with with Go \u003e= 1.18 on Red Hat Enterprise Linux\n- Build with Go \u003e= 1.20 elsewhere\n\nspacecmd:\n\n- Version 4.3.26-1\n * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 4.3.18-1\n * Update translation strings\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-486,SUSE-SLE-Manager-Tools-12-2024-486",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0486-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0486-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240486-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0486-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1193492",
"url": "https://bugzilla.suse.com/1193492"
},
{
"category": "self",
"summary": "SUSE Bug 1193686",
"url": "https://bugzilla.suse.com/1193686"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1204023",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "self",
"summary": "SUSE Bug 1218838",
"url": "https://bugzilla.suse.com/1218838"
},
{
"category": "self",
"summary": "SUSE Bug 1218843",
"url": "https://bugzilla.suse.com/1218843"
},
{
"category": "self",
"summary": "SUSE Bug 1218844",
"url": "https://bugzilla.suse.com/1218844"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43798 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43815 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-40577 page",
"url": "https://www.suse.com/security/cve/CVE-2023-40577/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2024-02-15T13:35:33Z",
"generator": {
"date": "2024-02-15T13:35:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0486-1",
"initial_release_date": "2024-02-15T13:35:33Z",
"revision_history": [
{
"date": "2024-02-15T13:35:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-1.60.1.aarch64",
"product": {
"name": "grafana-9.5.8-1.60.1.aarch64",
"product_id": "grafana-9.5.8-1.60.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"product_id": "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.i586",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.i586",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.i586",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.i586",
"product_id": "golang-github-prometheus-prometheus-2.45.0-1.50.2.i586"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-1.60.1.i586",
"product": {
"name": "grafana-9.5.8-1.60.1.i586",
"product_id": "grafana-9.5.8-1.60.1.i586"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.i586",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.i586",
"product_id": "prometheus-postgres_exporter-0.10.1-1.17.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-daemon-4.3.8-1.44.2.noarch",
"product": {
"name": "mgr-daemon-4.3.8-1.44.2.noarch",
"product_id": "mgr-daemon-4.3.8-1.44.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-4.3.18-52.95.2.noarch",
"product": {
"name": "python2-spacewalk-check-4.3.18-52.95.2.noarch",
"product_id": "python2-spacewalk-check-4.3.18-52.95.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"product": {
"name": "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"product_id": "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"product": {
"name": "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"product_id": "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.3.26-38.136.2.noarch",
"product": {
"name": "spacecmd-4.3.26-38.136.2.noarch",
"product_id": "spacecmd-4.3.26-38.136.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-4.3.18-52.95.2.noarch",
"product": {
"name": "spacewalk-check-4.3.18-52.95.2.noarch",
"product_id": "spacewalk-check-4.3.18-52.95.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-4.3.18-52.95.2.noarch",
"product": {
"name": "spacewalk-client-setup-4.3.18-52.95.2.noarch",
"product_id": "spacewalk-client-setup-4.3.18-52.95.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-4.3.18-52.95.2.noarch",
"product": {
"name": "spacewalk-client-tools-4.3.18-52.95.2.noarch",
"product_id": "spacewalk-client-tools-4.3.18-52.95.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-1.60.1.ppc64le",
"product": {
"name": "grafana-9.5.8-1.60.1.ppc64le",
"product_id": "grafana-9.5.8-1.60.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"product_id": "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"product_id": "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-1.60.1.s390x",
"product": {
"name": "grafana-9.5.8-1.60.1.s390x",
"product_id": "grafana-9.5.8-1.60.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"product_id": "prometheus-postgres_exporter-0.10.1-1.17.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-1.60.1.x86_64",
"product": {
"name": "grafana-9.5.8-1.60.1.x86_64",
"product_id": "grafana-9.5.8-1.60.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"product_id": "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 12",
"product": {
"name": "SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-1.60.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64"
},
"product_reference": "grafana-9.5.8-1.60.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-1.60.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le"
},
"product_reference": "grafana-9.5.8-1.60.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-1.60.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x"
},
"product_reference": "grafana-9.5.8-1.60.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-1.60.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64"
},
"product_reference": "grafana-9.5.8-1.60.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-daemon-4.3.8-1.44.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch"
},
"product_reference": "mgr-daemon-4.3.8-1.44.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-check-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch"
},
"product_reference": "python2-spacewalk-check-4.3.18-52.95.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch"
},
"product_reference": "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch"
},
"product_reference": "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.26-38.136.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch"
},
"product_reference": "spacecmd-4.3.26-38.136.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch"
},
"product_reference": "spacewalk-check-4.3.18-52.95.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch"
},
"product_reference": "spacewalk-client-setup-4.3.18-52.95.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
},
"product_reference": "spacewalk-client-tools-4.3.18-52.95.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2021-43798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43798"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `\u003cgrafana_host_url\u003e/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43798",
"url": "https://www.suse.com/security/cve/CVE-2021-43798"
},
{
"category": "external",
"summary": "SUSE Bug 1193492 for CVE-2021-43798",
"url": "https://bugzilla.suse.com/1193492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "important"
}
],
"title": "CVE-2021-43798"
},
{
"cve": "CVE-2021-43815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43815"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43815",
"url": "https://www.suse.com/security/cve/CVE-2021-43815"
},
{
"category": "external",
"summary": "SUSE Bug 1193686 for CVE-2021-43815",
"url": "https://bugzilla.suse.com/1193686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "moderate"
}
],
"title": "CVE-2021-43815"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2023-40577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-40577"
}
],
"notes": [
{
"category": "general",
"text": "Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-40577",
"url": "https://www.suse.com/security/cve/CVE-2023-40577"
},
{
"category": "external",
"summary": "SUSE Bug 1218838 for CVE-2023-40577",
"url": "https://bugzilla.suse.com/1218838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x",
"SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x",
"SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x",
"SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64",
"SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch",
"SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:35:33Z",
"details": "important"
}
],
"title": "CVE-2023-40577"
}
]
}
SUSE-SU-2024:0196-1
Vulnerability from csaf_suse - Published: 2024-01-23 15:20 - Updated: 2024-01-23 15:20Summary
Security Beta update for SUSE Manager Client Tools and Salt
Notes
Title of the patch
Security Beta update for SUSE Manager Client Tools and Salt
Description of the patch
This update fixes the following issues:
ansible:
- Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133)
* bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive
info in traceback error message (in 2.9.27)
* bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line
strings with ansible facts used in template. (in 2.9.23)
* bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in
ansible 2.9.13 (in 2.9.15)
- Update to 2.9.22:
* CVE-2021-3447 (bsc#1183684) multiple modules expose secured values
* CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option
* CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values
* CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values
* CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module
dracut-saltboot:
- Update to version 0.1.1681904360.84ef141
* Load network configuration even when missing protocol version
(bsc#1210640)
- Update to verion 0.1.1674034019.a93ff61
* Install copied wicked config as client.xml (bsc#1205599)
- Update to version 0.1.1673279145.e7616bd
* Add failsafe stop file when salt-minion does not stop (bsc#1172110)
* Copy existing wicked config instead of generating new (bsc#1205599)
- Update to version 0.1.1665997480.587fa10
* Add dependencies on xz and gzip to support compressed images
- Update to version 0.1.1661440542.6cbe0da
* Use standard susemanager.conf
* Move image services to dracut-saltboot package
* Use salt bundle
- Require e2fsprogs (bsc#1202614)
- Update to version 0.1.1657643023.0d694ce
* Update dracut-saltboot dependencies (bsc#1200970)
* Fix network loading when ipappend is used in pxe config
* Add new information messages
golang-github-QubitProducts-exporter_exporter:
- Remove license file from %doc
- Exclude s390 arch
- Adapted to build on Enterprise Linux.
- Fix build for RedHat 7
- Require Go >= 1.14 also for CentOS
- Add support for CentOS
- Replace %{?systemd_requires} with %{?systemd_ordering}
golang-github-boynux-squid_exporter:
- Exclude s390 architecture (gh#SUSE/spacewalk#19050)
- Enhanced to build on Enterprise Linux 8.
golang-github-lusitaniae-apache_exporter:
- Do not strip if SUSE Linux Enterprise 15 SP3
- Exclude debug for RHEL >= 8
- Build with Go >= 1.20 when the OS is not RHEL
- Spec file clean up
- Fix apparmor profile for SLE 12
- Do not build with apparmor profile for SLE 12
- Upgrade to version 1.0.0 (jsc#PED-5405)
* Improved flag parsing
* Added support for custom headers
- Build with Go 1.19
- Build using promu
- Add _service file
- Fix sandboxing options
- Upgrade to version 0.13.4
* Fix denial of service vulnerability
(CVE-2022-32149, bsc#1204501)
- Upgrade to version 0.13.3
* Fix uncontrolled resource consumption
(CVE-2022-41723, bsc#1208270)
- Upgrade to version 0.13.1
* Fix panic caused by missing flagConfig options
- Upgrade to version 0.13.0
* Fix authentication bypass vulnarability
(CVE-2022-46146, bsc#1208046)
- Corrected comment in AppArmor profile
- Added AppArmor profile
- Added sandboxing options to systemd service unit
- Exclude s390 architecture (gh#SUSE/spacewalk#19050)
- Update to upstream release 0.11.0 (jsc#SLE-24791)
* Add TLS support
* Switch to logger, please check --log.level and --log.format
flags
- Update to version 0.10.1
* Bugfix: Reset ProxyBalancer metrics on each scrape to
remove stale data
- Update to version 0.10.0
* Add Apache Proxy and other metrics
- Update to version 0.8.0
* Change commandline flags
* Add metrics: Apache version, request duration total
- Adapted to build on Enterprise Linux 8
- Require building with Go 1.15
- Add support for RedHat 8
+ Adjust dependencies on spec file
+ Disable dwarf compression in go build
- Add support for Red Hat
- Add %license macro for LICENSE file
golang-github-prometheus-prometheus:
- Update to 2.45.0 (jsc#PED-5406):
* [FEATURE] API: New limit parameter to limit the number of items
returned by `/api/v1/status/tsdb` endpoint.
* [FEATURE] Config: Add limits to global config.
* [FEATURE] Consul SD: Added support for `path_prefix`.
* [FEATURE] Native histograms: Add option to scrape both classic
and native histograms.
* [FEATURE] Native histograms: Added support for two more
arithmetic operators `avg_over_time` and `sum_over_time`.
* [FEATURE] Promtool: When providing the block id, only one block
will be loaded and analyzed.
* [FEATURE] Remote-write: New Azure ad configuration to support
remote writing directly to Azure Monitor workspace.
* [FEATURE] TSDB: Samples per chunk are now configurable with
flag `storage.tsdb.samples-per-chunk`. By default set to its
former value 120.
* [ENHANCEMENT] Native histograms: bucket size can now be limited
to avoid scrape fails.
* [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL
sooner.
* [BUGFIX] Native histograms: ChunkSeries iterator now checks if
a new sample can be appended to the open chunk.
* [BUGFIX] Native histograms: Fix Histogram Appender
`Appendable()` segfault.
* [BUGFIX] Native histograms: Fix setting reset header to gauge
histograms in seriesToChunkEncoder.
* [BUGFIX] TSDB: Tombstone intervals are not modified after Get()
call.
* [BUGFIX] TSDB: Use path/filepath to set the WAL directory.
- Update to 2.44.0:
* [FEATURE] Remote-read: Handle native histograms.
* [FEATURE] Promtool: Health and readiness check of prometheus
server in CLI.
* [FEATURE] PromQL: Add `query_samples_total` metric, the total
number of samples loaded by all queries.
* [ENHANCEMENT] Storage: Optimise buffer used to iterate through
samples.
* [ENHANCEMENT] Scrape: Reduce memory allocations on target
labels.
* [ENHANCEMENT] PromQL: Use faster heap method for `topk()` /
`bottomk()`.
* [ENHANCEMENT] Rules API: Allow filtering by rule name.
* [ENHANCEMENT] Native Histograms: Various fixes and
improvements.
* [ENHANCEMENT] UI: Search of scraping pools is now
case-insensitive.
* [ENHANCEMENT] TSDB: Add an affirmative log message for
successful WAL repair.
* [BUGFIX] TSDB: Block compaction failed when shutting down.
* [BUGFIX] TSDB: Out-of-order chunks could be ignored if the
write-behind log was deleted.
- Update to 2.43.1
* [BUGFIX] Labels: Set() after Del() would be ignored, which
broke some relabeling rules.
- Update to 2.43.0:
* [FEATURE] Promtool: Add HTTP client configuration to query
commands.
* [FEATURE] Scrape: Add `include_scrape_configs` to include
scrape configs from different files.
* [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from
proxied requests.
* [FEATURE] HTTP client: Add `proxy_from_enviroment` to read
proxies from env variables.
* [ENHANCEMENT] API: Add support for setting lookback delta per
query via the API.
* [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499
if a request is canceled.
* [ENHANCEMENT] Scrape: Allow exemplars for all metric types.
* [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders
size.
* [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot
with index that is ahead of WAL.
* [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to
be more comprehensible.
* [ENHANCEMENT] UI: Scope `group by` labels to metric in
autocompletion.
* [BUGFIX] Scrape: Fix
`prometheus_target_scrape_pool_target_limit` metric not set
before reloading.
* [BUGFIX] TSDB: Correctly update
`prometheus_tsdb_head_chunks_removed_total` and
`prometheus_tsdb_head_chunks` metrics when reading WAL.
* [BUGFIX] TSDB: Use the correct unit (seconds) when recording
out-of-order append deltas in the
`prometheus_tsdb_sample_ooo_delta` metric.
- Update to 2.42.0:
This release comes with a bunch of feature coverage for native
histograms and breaking changes.
If you are trying native histograms already, we recommend you
remove the `wal` directory when upgrading.
Because the old WAL record for native histograms is not
backward compatible in v2.42.0, this will lead to some data
loss for the latest data.
Additionally, if you scrape 'float histograms' or use recording
rules on native histograms in v2.42.0 (which writes float
histograms), it is a one-way street since older versions do not
support float histograms.
* [CHANGE] **breaking** TSDB: Changed WAL record format for the
experimental native histograms.
* [FEATURE] Add 'keep_firing_for' field to alerting rules.
* [FEATURE] Promtool: Add support of selecting timeseries for
TSDB dump.
* [ENHANCEMENT] Agent: Native histogram support.
* [ENHANCEMENT] Rules: Support native histograms in recording
rules.
* [ENHANCEMENT] SD: Add container ID as a meta label for pod
targets for Kubernetes.
* [ENHANCEMENT] SD: Add VM size label to azure service
discovery.
* [ENHANCEMENT] Support native histograms in federation.
* [ENHANCEMENT] TSDB: Add gauge histogram support.
* [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that
represents buckets as float64 values.
* [ENHANCEMENT] UI: Show individual scrape pools on /targets
page.
- Update to 2.41.0:
* [FEATURE] Relabeling: Add keepequal and dropequal relabel
actions.
* [FEATURE] Add support for HTTP proxy headers.
* [ENHANCEMENT] Reload private certificates when changed on disk.
* [ENHANCEMENT] Add max_version to specify maximum TLS version in
tls_config.
* [ENHANCEMENT] Add goos and goarch labels to
prometheus_build_info.
* [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.
* [ENHANCEMENT] SD: Add new metric
prometheus_sd_file_watcher_errors_total.
* [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.
* [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in
iterators.
* [ENHANCEMENT] TSDB: Optimize postings offset table reading.
* [BUGFIX] Scrape: Validate the metric name, label names, and
label values after relabeling.
* [BUGFIX] Remote Write receiver and rule manager: Fix error
handling.
- Update to 2.40.7:
* [BUGFIX] TSDB: Fix queries involving negative buckets of native
histograms.
- Update to 2.40.5:
* [BUGFIX] TSDB: Fix queries involving native histograms due to
improper reset of iterators.
- Update to 2.40.3:
* [BUGFIX] TSDB: Fix compaction after a deletion is called.
- Update to 2.40.2:
* [BUGFIX] UI: Fix black-on-black metric name color in dark mode.
- Update to 2.40.1:
* [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit
architecture.
* [BUGFIX] Scrape: Fix accept headers.
- Update to 2.40.0:
* [FEATURE] Add experimental support for native histograms.
Enable with the flag --enable-feature=native-histograms.
* [FEATURE] SD: Add service discovery for OVHcloud.
* [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.
* [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved
sorting speed.
* [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds
__meta_consul_partition label. Adds partition config in
consul_sd_config.
* [BUGFIX] API: Fix API error codes for /api/v1/labels and
/api/v1/series.
- Update to 2.39.1:
* [BUGFIX] Rules: Fix notifier relabel changing the labels on
active alerts.
- Update to 2.39.0:
* [FEATURE] experimental TSDB: Add support for ingesting
out-of-order samples. This is configured via
out_of_order_time_window field in the config file; check config
file docs for more info.
* [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also
respond to a HEAD request on top of existing GET support.
* [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.
* [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.
* [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region
label.
* [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.
* [ENHANCEMENT] TSDB: Improve WAL replay timings.
* [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary
data in the memory.
* [ENHANCEMENT] TSDB: Allow overlapping blocks by default.
--storage.tsdb.allow-overlapping-blocks now has no effect.
* [ENHANCEMENT] UI: Click to copy label-value pair from query
result to clipboard.
* [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a
memory leak.
* [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus
startup.
* [BUGFIX] PromQL: Properly close file descriptor when logging
unfinished queries.
* [BUGFIX] Agent: Fix validation of flag options and prevent WAL
from growing more than desired.
- Update to 2.38.0:
* [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint
that allows pretty-formatting PromQL expressions.
* [FEATURE]: UI: Add support for formatting PromQL expressions in
the UI.
* [FEATURE]: DNS SD: Support MX records for discovering targets.
* [FEATURE]: Templates: Add toTime() template function that
allows converting sample timestamps to Go time.Time values.
* [ENHANCEMENT]: Kubernetes SD: Add
__meta_kubernetes_service_port_number meta label indicating the
service port number.
__meta_kubernetes_pod_container_image meta label indicating the
container image.
* [ENHANCEMENT]: PromQL: When a query panics, also log the query
itself alongside the panic message.
* [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve
the contrast ratio.
* [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding
locks and using atomic types instead.
* [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature
flag, which omits or removes any default HTTP (:80) or HTTPS
(:443) ports in the target's scrape address.
* [BUGFIX]: TSDB: In the WAL watcher metrics, expose the
type='exemplar' label instead of type='unknown' for exemplar
records.
* [BUGFIX]: TSDB: Fix race condition around allocating series IDs
during chunk snapshot loading.
- Remove npm_licenses.tar.bz2 during 'make clean'
- Remove web-ui archives during 'make clean'.
- Require promu >= 0.14.0 for building
- Drop:
- Upgrade to version 2.37.6
* Require Go 1.19
- Upgrade to version 2.37.5
* [SECURITY] Security upgrade from go and upstream dependencies
that include security fixes to the net/http and os packages.
- Upgrade to version 2.37.4
* [SECURITY] Fix basic authentication bypass vulnerability
(CVE-2022-46146, bsc#1208049, jsc#PED-3576).
- Upgrade to version 2.37.3
* [BUGFIX] Update our regexp library to fix upstream
CVE-2022-41715.
- Upgrade to version 2.37.2
- Upgrade to version 2.37.1
* [BUGFIX] Properly close file descriptor when logging unfinished
queries.
* [BUGFIX] TSDB: In the WAL watcher metrics, expose the
- Upgrade to version 2.37.0
* [FEATURE] Nomad SD: New service discovery for Nomad built-in
service discovery.
* [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for
endpoint role.
* [ENHANCEMENT] PromQL: Optimise creation of signature
with/without labels.
* [ENHANCEMENT] TSDB: Memory optimizations.
* [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.
* [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent
header.
* [BUGFIX] Alerting: Fix Alertmanager targets not being updated
when alerts were queued.
* [BUGFIX] Hetzner SD: Make authentication files relative to
Prometheus config file.
* [BUGFIX] Promtool: Fix promtool check config not erroring
properly on failures.
* [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on
reloads.
* [BUGFIX] TSDB: Don't increment
prometheus_tsdb_compactions_failed_total when context is
canceled.
* [BUGFIX] TSDB: Fix panic if series is not found when deleting
series.
* [BUGFIX] TSDB: Increase
prometheus_tsdb_mmap_chunk_corruptions_total on out of sequence
errors.
* [BUGFIX] Uyuni SD: Make authentication files relative to
Prometheus configuration file and fix default configuration
values.
- Upgrade to version 2.36.2
* [BUGFIX] Fix serving of static assets like fonts and favicon.
- Upgrade to version 2.36.1
* [BUGFIX] promtool: Add --lint-fatal option.
- Upgrade to version 2.36.0
* [FEATURE] Add lowercase and uppercase relabel action.
* [FEATURE] SD: Add IONOS Cloud integration.
* [FEATURE] SD: Add Vultr integration.
* [FEATURE] SD: Add Linode SD failure count metric.
* [FEATURE] Add prometheus_ready metric.
* [ENHANCEMENT] Add stripDomain to template function.
* [ENHANCEMENT] UI: Enable active search through dropped targets.
* [ENHANCEMENT] promtool: support matchers when querying label
* [ENHANCEMENT] Add agent mode identifier.
* [BUGFIX] Changing TotalQueryableSamples from int to int64.
* [BUGFIX] tsdb/agent: Ignore duplicate exemplars.
* [BUGFIX] TSDB: Fix chunk overflow appending samples at a
variable rate.
* [BUGFIX] Stop rule manager before TSDB is stopped.
- Upgrade to version 2.35.0
* [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.
* [CHANGE] promtool: Add new flag --lint (enabled by default) for
the commands check rules and check config, resulting in a new
exit code (3) for linter errors.
* [FEATURE] Support for automatically setting the variable
GOMAXPROCS to the container CPU limit. Enable with the flag
--enable-feature=auto-gomaxprocs.
* [FEATURE] PromQL: Extend statistics with total and peak number
of samples in a query. Additionally, per-step statistics are
available with --enable-feature=promql-per-step-stats and using
stats=all in the query API. Enable with the flag
--enable-feature=per-step-stats.
* [ENHANCEMENT] TSDB: more efficient sorting of postings read from
WAL at startup.
* [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.
* [ENHANCEMENT] Azure SD: Add an optional resource_group
configuration.
* [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1
EndpointSlice (previously only discovery.k8s.io/v1beta1
EndpointSlice was supported).
* [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to
discovered pods.
* [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch
OAuth2 tokens.
* [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.
* [ENHANCEMENT] Config: Support overriding minimum TLS version.
* [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.
* [BUGFIX] Fix OpenMetrics parser to sort uppercase labels
correctly.
* [BUGFIX] UI: Fix scrape interval and duration tooltip not
showing on target page.
* [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is
false.
* [BUGFIX] Agent: Fix ID collision when loading a WAL with
multiple segments.
* [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing
the queue.
- Upgrade to version 2.34.0
* [CHANGE] UI: Classic UI removed.
* [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based
tracing.
* [ENHANCEMENT] TSDB: Disable the chunk write queue by default and
allow configuration with the experimental flag
--storage.tsdb.head-chunks-write-queue-size.
* [ENHANCEMENT] HTTP SD: Add a failure counter.
* [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.
* [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.
* [ENHANCEMENT] Scrape: Log when an invalid media type is
encountered during a scrape.
* [ENHANCEMENT] Scrape: Accept
application/openmetrics-text;version=1.0.0 in addition to
version=0.0.1.
* [ENHANCEMENT] Remote-read: Add an option to not use external
labels as selectors for remote read.
* [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.
* [ENHANCEMENT] UI: Improve graph colors that were hard to see.
* [ENHANCEMENT] Config: Allow escaping of $ with $$ when using
environment variables with external labels.
* [BUGFIX] PromQL: Properly return an error from
histogram_quantile when metrics have the same labelset.
* [BUGFIX] UI: Fix bug that sets the range input to the
resolution.
* [BUGFIX] TSDB: Fix a query panic when
memory-snapshot-on-shutdown is enabled.
* [BUGFIX] Parser: Specify type in metadata parser errors.
* [BUGFIX] Scrape: Fix label limit changes not applying.
- Upgrade to version 2.33.5
* [BUGFIX] Remote-write: Fix deadlock between adding to queue and
getting batch.
- Upgrade to version 2.33.4
* [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the
disk.
- Upgrade to version 2.33.3
* [BUGFIX] Azure SD: Fix a regression when public IP Address isn't
set.
- Upgrade to version 2.33.2
* [BUGFIX] Azure SD: Fix panic when public IP Address isn't set.
* [BUGFIX] Remote-write: Fix deadlock when stopping a shard.
- Upgrade to version 2.33.1
* [BUGFIX] SD: Fix no such file or directory in K8s SD when not
running inside K8s.
- Upgrade to version 2.33.0
* [CHANGE] PromQL: Promote negative offset and @ modifer to stable
features.
* [CHANGE] Web: Promote remote-write-receiver to stable.
* [FEATURE] Config: Add stripPort template function.
* [FEATURE] Promtool: Add cardinality analysis to check metrics,
enabled by flag --extended.
* [FEATURE] SD: Enable target discovery in own K8s namespace.
* [FEATURE] SD: Add provider ID label in K8s SD.
* [FEATURE] Web: Add limit field to the rules API.
* [ENHANCEMENT] Remote-write: Avoid allocations by buffering
concrete structs instead of interfaces.
* [ENHANCEMENT] Remote-write: Log time series details for
out-of-order samples in remote write receiver.
* [ENHANCEMENT] Remote-write: Shard up more when backlogged.
* [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar
ingest performance.
* [ENHANCEMENT] TSDB: Avoid allocations when popping from the
intersected postings heap.
* [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding
latency spikes in remote-write.
* [ENHANCEMENT] TSDB: Improve label matching performance.
* [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.
* [ENHANCEMENT] UI: Optimize the target page and add a search bar.
* [BUGFIX] Promtool: Make exit codes more consistent.
* [BUGFIX] Promtool: Fix flakiness of rule testing.
* [BUGFIX] Remote-write: Update
prometheus_remote_storage_queue_highest_sent_timestamp_seconds
metric when write irrecoverably fails.
* [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.
* [BUGFIX] TSDB: CompactBlockMetas should produce correct
mint/maxt for overlapping blocks.
* [BUGFIX] TSDB: Fix logging of exemplar storage size.
* [BUGFIX] UI: Fix overlapping click targets for the alert state
checkboxes.
* [BUGFIX] UI: Fix Unhealthy filter on target page to actually
display only Unhealthy targets.
* [BUGFIX] UI: Fix autocompletion when expression is empty.
* [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.
- Fix authentication bypass by updating Prometheus Exporter Toolkit
to version 0.7.3 (CVE-2022-46146, bsc#1208049)
- Fix uncontrolled resource consumption by updating Go to version
1.20.1 (CVE-2022-41723, bsc#1208298)
- Restructure the spec to build web assets online
* Makefile
grafana:
- Update to version 9.5.8:
* Features and enhancements
GenericOAuth: Set sub as auth id
* Bug fixes:
DataSourceProxy: Fix url validation error handling
- Update to version 9.5.7:
Alerting: Sort NumberCaptureValues in EvaluationString
Alerting: Improve performance of matching captures
Alerting: No longer silence paused alerts during legacy
migration
Alerting: Remove and revert flag alertingBigTransactions
Alerting: Migrate unknown NoData\Error settings to the default
Tracing: supply Grafana build version
Tempo: Escape regex-sensitive characters in span name before
building promql query
Plugins: Only configure plugin proxy transport once
Alerting: Fix unique violation when updating rule group with
title chains/cycles
Prometheus: Version detect bug
Prometheus: Fix heatmap format with no data
Database: Change getExistingDashboardByTitleAndFolder to get
dashboard by title, not slug
Alerting: Convert 'Both' type Prometheus queries to 'Range' in
SQLStore: Fix Postgres dialect treating 'false' migrator
default as true
Alerting: Support newer http_config struct
InfluxDB: Interpolate retention policies
StatusHistory: Fix rendering of value-mapped null
Alerting: Fix provenance guard checks for Alertmanager
configuration to not cause panic when compared nested
objects
AnonymousAuth: Fix concurrent read-write crash
AzureMonitor: Ensure legacy properties containing template
variables are correctly migrated
Explore: Remove data source onboarding page
Dashboard: Re-align Save form
Azure Monitor: Fix bug that did not show alert rule preview
Histogram: Respect min/max panel settings for x-axis
Heatmap: Fix color rendering for value ranges < 1
Heatmap: Handle unsorted timestamps in calculate mode
Google Cloud Monitor: Fix mem usage for dropdown
AzureMonitor: Fix logs query multi-resource and timespan values
Utils: Reimplement util.GetRandomString to avoid modulo bias
Alerting: Fix matching labels with spaces in their values
Dashboard: Fix applying timezone to datetime variables
Dashboard: Fix panel description event triggering every time
panel is rendered
Tempo: Fix get label values based on CoreApp type
Heatmap: Fix log scale editor
Dashboard: Fix disappearing panel when viewed panel is
refreshed
Prometheus: Fix bug in creating autocomplete queries with
labels
Prometheus: Fix Query Inspector expression range value
Alerting: Fix migration failing if alert_configuration table is
not empty
InfluxDB: Fix querying retention policies on flux mode
- Update to version 9.5.6:
* Bug fixes
Dashboard: Fix library panels in collapsed rows not getting
updated
Auth: Add and document option for enabling email lookup
- Update to version 9.5.5:
Security: Fix authentication bypass using Azure AD OAuth
(bsc#1212641, CVE-2023-3128, jsc#PED-3694).
Auth: Show invite button if disable login form is set to false.
Azure: Fix Kusto auto-completion for Azure datasources.
RBAC: Remove legacy AC editor and admin role on new dashboard
route.
API: Revert allowing editors to access GET /datasources.
Settings: Add ability to override skip_org_role_sync with Env
variables.
- Update to version 9.5.3:
Query: Prevent crash while executing concurrent mixed queries
(bsc#1212099, CVE-2023-2801).
Alerting: Require alert.notifications:write permissions to test
receivers and templates (bsc#1212100, CVE-2023-2183).
- Update to version 9.5.2:
Alerting: Scheduler use rule fingerprint instead of version.
Explore: Update table min height.
DataLinks: Encoded URL fixed.
TimeSeries: Fix leading null-fill for missing intervals.
Dashboard: Revert fixed header shown on mobile devices in the
new panel header.
PostgreSQL: Fix TLS certificate issue by downgrading lib/pq.
Provisioning: Fix provisioning issues with legacy alerting and
data source permissions.
Alerting: Fix misleading status code in provisioning API.
Loki: Fix log samples using `instant` queries.
Panel Header: Implement new Panel Header on Angular Panels.
Azure Monitor: Fix bug that was not showing resources for
certain locations.
Alerting: Fix panic when reparenting receivers to groups
following an attempted rename via Provisioning.
Cloudwatch Logs: Clarify Cloudwatch Logs Limits.
- Update to 9.5.1
Loki Variable Query Editor: Fix bug when the query is updated
Expressions: Fix expression load with legacy UID -100
- Update to 9.5.0 (CVE-2023-1387, bsc#1210907, jsc#PED-3694)
* Breaking changes
- default named retention policies won't be used to query.
Users who have a default named retention policy in their
influxdb database, have to rename it to something else.
Having default named retention policy is not breaking
anything. We will make sure to use the actual default
retention policy under the hood. To change the hardcoded
retention policy in the dashboard.json, users must they
select the right retention policy from dropdown and save the
panel/dashboard.
- Grafana Alerting rules with NoDataState configuration set to
Alerting will now respect 'For' duration.
- Users who use LDAP role sync to only sync Viewer, Editor and
Admin roles, but grant Grafana Server Admin role manually
will not be able to do that anymore. After this change, LDAP
role sync will override any manual changes to Grafana Server
Admin role assignments. If grafana_admin is left unset in
LDAP role mapping configuration, it will default to false.
API keys: Add deprecation to api keys.
API: Enable serving Swagger UI by default and add docs and
guidelines.
API: Permit Cache-Control (browser caching) for datasource
resources.
Accessibility: Make row actions keyboard accessible.
Admin/Plugins: Set category filter in connections link.
Alerting: Add CustomDetails field in PagerDuty contact point.
Alerting: Add dashboard and panel links to rule and instance
annotations.
Alerting: Add filter and remove funcs for custom labels and
Alerting: Add fuzzy search to alert list view.
Alerting: Add metrics for active receiver and integrations.
Alerting: Better printing of labels.
Alerting: Create new state history 'fanout' backend that
dispatches to multiple other backends at once.
Alerting: Enable preview for recording rules.
Alerting: Fetch all applied alerting configurations.
Alerting: Introduce proper feature toggles for common state
history backend combinations.
Alerting: Make time range query parameters not required when
querying Loki.
Alerting: New notification policies view.
Alerting: No longer index state history log streams by
instance labels.
Alerting: Respect 'For' Duration for NoData alerts.
Alerting: Support filtering rules by multiple datasources.
Alerting: Switch to snappy-compressed-protobuf for outgoing
push requests to Loki.
Angular: Prevent angular from loading when disabled.
Auth: Add Generic oauth skip org role sync setting.
Auth: Add feature flag to move token rotation to client.
Auth: Show user sync external Authentication status.
Backend: Use sdk version 0.148.0.
Chore: Add stat for remote cache config.
Chore: Replace short UID generation with more standard UUIDs.
Chore: Use DOMPurify to sanitize strings rather than js-xss.
CloudMonitoring: Add possibility to use path for private key.
CloudWatch Logs: Update default timeout to 30m.
CloudWatch: Add AWS/IotSiteWise namespace and metrics.
CloudWatch: Add account support to variable queries.
CloudWatch: Make deeplinks work for us-gov and china regions.
Cloudwatch: Add MeteredIOBytes metric for EFS.
Command Palette: Display dashboard location.
Command palette: Enable folder searching.
Connections: Turn on feature toggle by default.
Cookies: Provide a mechanism for per user control over cookies.
Dashboard Datasource: Update Query List & Improve UX.
Dashboard: Add a feature that creates a table panel when a
spreadsheet file is dropped on the dashboard.
Dashboard: Add new visualization/row/library panel/pasted
panel is now a dropdown menu.
Dashboard: Add value format for requests per minute.
Dashboard: Empty/No Panels dashboard with a new design.
Dashboard: When dashboard is not found show message instead
of empty page.
Dashboards: Enable feature flag newPanelChromeUI by default.
Dataplane: Support timeSeriesLong without transform.
Datasources: Add user_agent header customization for outgoing
HTTP requests.
Datasources: Use getDefaultQuery in annotations editors.
Docs: Add documentation on how to debug backend plugins.
Docs: Deprecate dashboard previews.
Elasticsearch: Detect Elasticsearch version.
Elasticsearch: Run Explore queries trough data source backend.
Explore: Add range option to internal data links.
Explore: Add transformations to correlation data links.
Explore: Support mixed data sources for supplementary query.
Extensions: Expose an enum for available placements.
Feat: Changing link destination for get more plugins.
Feat: Linking to plugin details page rather than externally
for new datasources.
FieldMatchers: Add match by value (reducer).
Flame graph: Add context menu.
Flame graph: Add metadata above flame graph.
Geomap: Improve tooltip url for photos layer.
Geomap: Release night / day layer.
InfluxDB: Move database information into jsondata.
Jaeger and Zipkin: Config & docs upgrade.
LDAP: Allow setting minimum TLS version and accepted ciphers.
Live: Remove (alpha) ability to configure live pipelines.
Logger: Add feature toggle for errors in HTTP request logs.
Login: Allow custom name and icon for social providers.
Logs Panel: Refactor style generation to improve rendering
performance.
Logs: Add millisecond to timestamp in log line.
Logs: Rename dedup to deduplicate.
Loki Query Editor: Make Monaco the default editor.
Loki: Add unpack query builder hint.
Loki: Add descriptions to query builder operations.
Loki: Add placeholder to the loki query editor.
Loki: Always fetch for new label keys in the QueryBuilder.
Loki: Display error with label filter conflicts.
Loki: Improve the display of loki query stats.
MSSQL/Postgres: List views in table dropdown as well.
MSSQL: Update forked go-mssqldb dependency.
Metrics: Update comment to mention folders instead of
dashboards.
Navigation: Enable new navigation by default.
NodeGraph: Support icons for nodes.
Notifications: Enable display of trace ID by default.
Packaging: Start Grafana service after InfluxDB.
Panel Header: Add CancelQuery option to panel header.
Panel: Show multiple errors info in the inspector.
PanelChrome: Add option to show actions on the right side
(actions = leftItems).
Phlare: Allow variables in labelSelector (in query).
Plugin: Skip preloading disabled app plugins.
Plugins: Add optional logger for plugin requests sent to backend
plugins.
Plugins: Extend panel menu with commands from plugins.
Plugins: Extend panel menu with links from plugins.
Plugins: Improve instrumentation by adding metrics and tracing.
Plugins: Support for distributed tracing in backend plugins SDK.
Plugins: Support for link extensions.
Profiling: Enable flame graph & Phlare/Parca data sources for
all users.
Prometheus Datasource: Improve Prom query variable editor.
Prometheus Metrics: Add missing stat_total_teams metric.
Prometheus/Loki: Run query explicitly instead of onblur in panel
edit.
Prometheus: Browser resource caching.
Prometheus: Improve prometheus query variable editor.
Prometheus: Use $__rate_interval for rate queries generated by
metric browser.
Pubdash: Email sharing handle dashboard deleted.
PublicDashboards: Backfills share column with default value.
PublicDashboards: Configuration modal redesign.
PublicDashboards: Email sharing.
PublicDashboards: Enable creation when dashboard has template
variables.
PublicDashboards: Paused or deleted public dashboard screen.
QueryHistory: Improve handling of mixed datasource entries.
Rendering: Experimental support to use JWTs as auth method.
SQL Datasources: Add back help content.
Schema: Remove exclusion for timeseries and update imports.
Search: Improvements for starred dashboard search.
Select: Show icon in the grafana/ui Select component.
Service accounts: Creation logic simplification.
Service accounts: Remove Add API keys buttons and remove one
state of migrating for API keys tab.
SplitOpen: Update API to accept multiple queries.
Stat Panel: Add an option for a non-gradient/solid background.
Stat: Add ability to remove default single-color background
gradient.
SupportBundles: Add OAuth bundle collectors.
Table Panel: Add ability to use text color for value or hide
value in gauge cell.
Table: Introduce sparkline cell type.
Tempo: Config and doc updates.
Tempo: Update service graph view and docs.
TraceView: Add key and url escaping of json tag values.
TraceView: Reworked header.
Tracing: Add more detail to HTTP Outgoing Request.
Tracing: Docs and config improvements for Tempo/Jaeger/Zipkin.
Tracing: Support multiple OTel propagators.
Transformations: Support time format when converting time to
strings.
Transformers: Support adding the row index using calculate
field transformer.
Units: Format currency with negative before the symbol.
API: Fix 'Updated by' Column in dashboard versions table.
AccessControl: Allow editors to access GET /api/datasources.
Alerting: Add 'backend' label to state history writes metrics.
Alerting: Add alert instance labels to Loki log lines in
addition to stream labels.
Alerting: Elide requests to Loki if nothing should be recorded.
Alerting: Fix DatasourceUID and RefID missing for
DatasourceNoData alerts.
Alerting: Fix ambiguous handling of equals in labels when
bucketing Loki state history streams.
Alerting: Fix attachment of external labels to Loki state
history log streams.
Alerting: Fix creating a recording rule when having multiple
datasources.
Alerting: Fix explore link in alert detail view.
Alerting: Fix share URL for Prometheus rules on subpath.
Alerting: Fix stats that display alert count when using unified
alerting.
Alerting: Hide mute timing actions when dealing with vanilla
prometheus.
Alerting: Paginate result previews.
Alerting: Prometheus-compatible Alertmanager timings editor.
Alerting: Update scheduler to get updates only from database.
Alerting: Use a completely isolated context for state history
writes.
Alerting: Use displayNameFromDS if available in preview.
Annotation List: Fix panel not updating when variable is
changed.
Annotations: Ignore unique constraint violations for tags.
Auth: Fix orgrole picker disabled if isSynced user.
AzureMonitor: Fix Log Analytics portal links.
BrowseDashboards: Fix move to General folder not working.
Catalog: Show install error with incompatible version.
Chore: Update Grafana to use Alertmanager
v0.25.1-0.20230308154952-78fedf89728b.
CloudMonitoring: Add project selector for MQL editor[fix].
CloudWatch Logs: Fix running logs queries with expressions.
CloudWatch Logs: Fix to make log queries use a relative time if
available.
CloudWatch Logs: Revert 'Queries in an expression should run
synchronously'.
CloudWatch: Fix cachedQueries insights not being updated for
metric queries.
Cloudwatch: Pass refId from query for expression queries.
Dashboards: Evaluate provisioned dashboard titles in a
backwards compatible way.
Dashboards: Fix broken internal data links.
Database: Don't sleep 10ms before every request.
Elasticsearch: Fix processing of response with multiple group
by for alerting.
Elasticsearch: Handle multiple annotation structures.
Email: Mark HTML comments as 'safe' in email templates.
ErrorHandling: Fixes issues with bad error messages.
ErrorView: Better detection of no-data responses.
Explore: Make DataSourcePicker visible on small screens.
Fix: DataLinks from data sources override user defined data
link.
Fix: Top table rendering and update docs.
Frontend: Fix broken links in /plugins when pathname has a
trailing slash.
Geomap: Fix route layer zoom behavior.
Google Cloud Monitoring: Fix project variable.
HeatMap: Sort y buckets when all bucket names are numeric.
InfluxDB: Fix querying with hardcoded retention policy.
InfluxDB: Fix sending retention policy with InfluxQL queries.
KVStore: Include database field in migration.
LDAP: Always synchronize Server Admin role through role sync if
role sync is enabled.
Library panels: Ensure pagination controls are always correctly
displayed.
Loki: Fix autocomplete situations with multiple escaped quotes.
MegaMenu: Fixes mega menu showing scroll indicator when it
shouldn't.
Navigation: Redirect to root page when switching organization.
Navigation: Scrolled hamburger menu links now navigate correctly
in Safari.
NestedFolders: Fix nested folder deletion.
New Panel Header: Fix when clicking submenu item the parent
menu item onClick get's triggered.
Phlare: Fix error when there are no profileTypes to send from
backend.
PieChart: Show long labels properly.
PluginExtensions: Fixed issue with incorrect type being
exposed when configuring an extension.
Plugins: Ensure proxy route bodies are valid JSON.
Plugins: Fix width for README pages with tables.
Plugins: Markdown fetch retry with lowercase.
Plugins: Skip instrumenting plugin build info for core and
bundled plugins.
PublicDashboards: Query collapsed panels inside rows.
Query Splitting: Fix for handling queries with no requestId.
SQL Datasources: Fix variable throwing error if query returns no
data.
SQL Datasources: Prevent Call Stack Overflows with Large
Numbers of Values for Variable.
SQLStore: Fix SQLite error propagation if query retries are
disabled.
Stat Panel: Fix issue with clipping text values.
Table Panel: Fix panel migration for options cell type.
Table: Fix migrations from old angular table for cell color
modes.
Table: Fixes issue with pagination summary causing scrollbar.
Table: Fixes table panel gauge alignment.
TablePanel: Fix table cells overflowing when there are
multiple data links.
TablePanel: fix footer bug; no footer calculated values after
'hidden' column override.
Templating: Allow percent encoding of variable with custom all.
Tempo: Set default limit if none is provided for traceql
queries.
TimeSeries: Don't extend stepped interpolation to graph edges.
TimeSeries: Improve stacking direction heuristic.
Trace View: Update the queryType to traceql for checking if
same trace when clicking span link.
TraceView: Don't require preferredVisualisationType to render.
Utils: Reimplement util.GetRandomString to avoid modulo bias.
XYChart: Add all dataset columns in tooltip.
* Plugin development fixes & changes
DateTimePicker: Can now select time correctly.
Grafana UI: Fix tooltip prop of button component.
DateTimePicker: Add min date support to calendar.
GrafanaUI: Implement new component Toggletip.
ContextMenu: Fix padding and show border based on items.
- Update to 9.4.7 (2023-03-16)
Alerting: Update scheduler to receive rule updates only from
database.
Influxdb: Re-introduce backend migration feature toggle.
Security: Fixes for CVE-2023-1410.
The InfluxDB backend migration feature toggle
(influxdbBackendMigration) has been reintroduced in this
version as issues were discovered with backend processing of
InfluxDB data. Unless this feature toggle is enabled, all
InfluxDB data will be parsed in the frontend. This frontend
processing is the default behavior.
In Grafana 9.4.4, InfluxDB data parsing started to be handled
in the backend. If you have upgraded to 9.4.4 and then added
new transformations on InfluxDB data, those panels will fail to
render. To resolve this either:
Remove the affected panel and re-create it or
edit the `time` field as `Time` in `panel.json` or
`dashboard.json`
as the exporter toolkit has been updated by upstream
- Install wrapper scripts under /usr/sbin
- Install actual binaries under /usr/libexec/grafana (or /usr/lib
under older distributions) and create a simlink for wrapper
scripts and the service (which expect the binary to be under
/usr/share/grafana/bin)
- Update to 9.4.3
Alerting: Use background context for maintenance function.
- Update to 9.4.2
Alerting: Fix boolean default in migration from false to 0.
- Update to 9.4.0
Alerting: Add endpoint for querying state history.
Alerting: Add label query parameters to state history endpoint.
Alerting: Add static label to all state history entries.
Alerting: Mark AM configuration as applied.
Azure Monitor: Enable multiple resource queries.
Query Caching: Add per-panel query caching TTL.
Table: Add row number column option.
Tempo: Remove tempoApmTable feature flag.
Transformations: Selectively apply transformation to queries.
AccessControl: Clear user permission cache for update org user
role.
Alerting: Fix handling of special floating-point cases
when writing observed values to annotations.
Auth: Rotate token patch.
ContextMenu: Consider y coord when determining bottom
collision.
Elasticsearch: Fix consistent label order in alerting.
Explore: Fix graph not updating when changing config.
Heatmap: Support heatmap rows with non-timeseries X axis.
Login: Fix panic when a user is upserted by a background
process.
MSSQL: Add support for macro function calls.
MySQL: Quote identifiers that include special characters.
Navigation: Sign in button now works correctly when
served under a sub path.
Nested Folder: Fix for SQLite not to overwrite the parent on
restarts.
PanelChrome: Adds display mode to support transparent option.
Plugins: Case-sensitive routes for standalone pages.
Plugins: Prefer to use the data source UID when querying.
SQLStore: Fix folder migration for MySQL < 5.7.
Search: Fix not being able to clear sort value.
Tempo: Fix span name being dropped from the query.
PanelChrome: Implement hover header.
- Update to 9.3.7
Alerting: Validate that tags are 100 characters or less.
Expressions: Fixes the issue showing expressions editor.
Logs: Fix stats not being updated when log results change.
Plugins: Fix circular reference in customOptions leading
to MarshalJSON errors.
Time Series Panel: Fix legend text selection in Firefox.
- Update to 9.3.6
QueryEditorRow: Fixes issue loading query editor when
data source variable selected.
- Update to 9.3.4
Prometheus: Add default editor configuration.
TextPanel: Refactor to functional component.
Alerting: Fix webhook to use correct key for decrypting token.
Alerting: Set error annotation on EvaluationError regardless of
underlying error type.
Datasources: Fix Proxy by UID Failing for UIDs with a Hyphen.
Fix creating of span link with no tags.
Elasticsearch: Fix failing requests when using SigV4.
Elasticsearch: Fix toggle-settings are not shown correctly.
Explore: Be sure time range key bindings are mounted after
clear.
Explore: Unsync time ranges when a pane is closed.
Logs: Lines with long words do not break properly.
Loki: Fix misaligned derived fields settings.
Query Builder: Fix max width of input component to prevent
overflows.
Search: Auto focus input elements.
Search: Fix empty folder message showing when by starred
dashboards.
Table Panel: Fix image of image cell overflowing table cell and
cells ignoring text alignment setting when a data
link is added.
- Update to 9.3.2
Graphite: Process multiple queries to Graphite plugin.
API: Fix delete user failure due to quota not enabled.
Accessibility: Improved keyboard accessibility in BarGauge.
Accessibility: Improved keyboard accessibility in BigValue.
Alerting: Use the QuotaTargetSrv instead of the QuotaTarget in
quota check.
AzureMonitor: Automate location retrieval.
AzureMonitor: Fix bad request when setting dimensions.
BarChart: Fix value mappings.
Build: Streamline and sync dockerfiles.
Build: Unified dockerfile for all builds.
CloudWatch: Fix - make sure dimensions are propagated to alert
query editor.
Cloudwatch: Fix deeplink with default region.
Command Palette: Fix not being able to type if triggered
whilst another modal is open.
Command Palette: Maintain page state when changing theme.
Dashboards: Fix 'Make Editable' button not working in
Dashboard Settings.
Dashboards: Show error when data source is missing.
Datasource: Fix - apply default query also to queries in new
panels.
Dropdown: Menu now closes correctly when selecting
options on touch devices.
Influx: Query segment menus now position correctly near
the bottom of the screen.
Login: Fix failure to login a new user via an external
provider if quota are enabled.
Loki/Prometheus: Fix wrong queries executed in split view.
Loki: Fix wrongly escaped label values when using LabelFilter.
Navigation: Prevent app crash when importing a dashboard with a
uid of `home`.
Panel Edit: Fix data links edit icons being off screen when
provided title is too long.
Prometheus: Fix exemplar fill color to match series color in
time series.
Prometheus: Fix exemplars not respecting corresponding series
display status.
StateTimeline: Fix negative infinity legend/tooltip from
thresholds.
Table: Fixes row border style not showing and colored
rows blending together.
Tempo: Fix TraceQL autocomplete issues.
TimePicker: Prevent TimePicker overflowing viewport on small
screens.
TimeRangePicker: Fix recently ranges only not showing all recent
ranges.
TimeZonePicker: Scroll menu correctly when using keyboard
controls.
- Update to 9.3.1
Connections: Update 'Your connections/Data sources' page.
Accessibility: Increase badge constrast to be WCAG AA compliant.
- Update to 9.3.0
Alerting: Enable interpolation for notification policies in file
provisioning.
Azure Monitor Logs: Avoid warning when the response is empty.
Azure Monitor: Add support to customized routes.
Canvas: Add icon value mapping.
CloudWatch: Cross-account querying support.
Docs: Update `merge-pull-request.md` regarding backport
policies.
GaugePanel: Setting the neutral-point of a gauge.
Geomap: Improve location editor.
Internationalization: Enable internationalization by default.
Logs: Add `Download logs` button to log log-browser.
Loki: Add `gzip` compression to resource calls.
Loki: Add improvements to loki label browser.
Loki: Make label browser accessible in query builder.
Loki: Remove raw query toggle.
Middleware: Add CSP Report Only support.
Navigation: Prevent viewer role accessing dashboard
creation, import and folder creation.
OAuth: Refactor OAuth parameters handling to support
obtaining refresh tokens for Google OAuth.
Oauth: Display friendly error message when
role_attribute_strict=true and no valid role found.
Preferences: Add confirmation modal when saving org preferences.
PublicDashboards: Orphaned public dashboard deletion script
added.
Query Editor: Hide overflow for long query names.
Solo Panel: Configurable timezone.
TablePanel: Add support for Count calculation per column
or per entire dataset.
Tempo: Send the correct start time when making a TraceQL query.
Various Panels: Remove beta label from Bar Chart, Candlestick,
Histogram, State Timeline, & Status History
Panels.
Access Control: Clear user's permission cache after resource
creation.
Accessibility: Improve keyboard accessibility in
`AnnoListPanel`.
Accessibility: Improve keyboard accessibility in `Collapse`.
`GettingStarted` panel.
Accessibility: Improve keyboard accessibility of `FilterPill`.
Admin: Fix broken links to image assets in email templates.
Azure Monitor: Fix namespace selection for storageaccounts.
Calcs: Fix difference percent in legend.
DataLinks: Improve Data-Links AutoComplete Logic.
Explore: Fix a11y issue with logs navigation buttons.
Heatmap: Fix blurry text & rendering.
Heatmap: Fix tooltip y range of top and bottom buckets in
calculated heatmaps.
Logs: Fix misalignment of LogRows.
Navigation: Stop clearing search state when opening a
result in a new tab.
OptionsUI: SliderValueEditor does not get auto focused on
slider change.
PanelEdit: Fixes bug with not remembering panel options
pane collapse/expand state.
Quota: Fix failure in store due to missing scope parameters.
Quota: Fix failure when checking session limits.
StateTimeline: Prevent label text from overflowing state rects.
Tempo: Fix search table duration unit.
TraceView: Fix broken rendering when scrolling in Dashboard
panel in Firefox.
GrafanaUI: Add disabled option for menu items.
- Update to 9.2.4
Access Control: Add an endpoint for setting several managed
resource permissions.
Accessibility: Increase `Select` placeholder contrast to
be WCAG AA compliant.
Alerting: Append org ID to alert notification URLs.
Alerting: Make the Grouped view the default one for Rules.
Build: Remove unnecessary alpine package updates.
Google Cloud Monitoring: Set frame interval to draw null values.
Instrumentation: Expose when the binary was built as a gauge.
Loki: Preserve `X-ID-Token` header.
Search: Reduce requests in folder view.
TimeSeries: More thorough detection of negative values for
auto-stacking direction.
Alerting: Attempt to preserve UID from migrated legacy channel.
Alerting: Fix response is not returned for invalid Duration in
Provisioning API.
Alerting: Fix screenshot is not taken for stale series.
Auth: Fix admins not seeing pending invites.
MSSQL/Postgres: Fix visual query editor filter disappearing.
Tempo: Fix dropdown issue on tag field focus.
Timeseries: Fix null pointer when matching fill below to field.
Toolkit: Fix Webpack less-loader config.
- Update to 9.2.3
Docs: Add information about DB version support to upgrade guide.
Footer: Update footer release notes link to Github changelog.
Prometheus: Do not drop errors in streaming parser.
Prometheus: Flavor/version configuration.
Prometheus: Provide label values match parameter API when
supported prometheus instance is configured.
Security: Upgrade x/text to version unaffected by
CVE-2022-32149.
Auth: Fix GF_AUTH_JWT_URL_LOGIN env variable doesn't work.
Live: Explicitly reply with http 200.
Prometheus: Fix builder operation mode changing
multiselect to single select behaviour.
Security: Fix vulnerabilities in webpack loader-utils.
- Update to 9.2.2
Alerting: Add support for wecom apiapp.
Canvas: Improve resource picker initialization.
Canvas: Improve text element readability.
CloudWatch: Make sure adoption tracking is done on valid,
migrated queries.
Dashboard: Alerts user to incorrect tag format for JSON import.
MSSQL: Support tables from all schemas.
Opentsdb: Allow template variables for filter keys.
QueryEditor: Revert components from grafana-ui.
Browse: Fix General folder not showing in FolderPicker.
Elasticsearch: Fix calculation of trimEdges in alert mode.
Elasticsearch: Fix trimEdges delete logic in alert mode.
GoogleOAuth: Unlock User Admin UI.
LogContext: Fix wrong color of `show context` icon in light
theme.
Loki: Fix adding of adhoc filters to stream selector when query
with empty stream selector.
Loki: Fix double stringified log-lines when copied via Copy
button.
Loki: Fix explain section about $\_\_interval variable.
Loki: Remove already selected options from next label filter
options in builder.
NodeGraph: Fix rendering issues when values of arc are over 1.
PublicDashboards: Fix hidden queries execution.
Tempo: Fix Node Graph visualization type in dashboard.
TimeSeries: Fix stacking when first value is negative zero.
TimeseriesPanel: Fix variables in data links.
User: Fix externalUserId not being populated.
We added some components a bit too early to @grafana/ui in 9.2
so we are moving them back to @grafana/experimental. If you
used any of these components
AccessoryButton
EditorFieldGroup
EditorHeader
EditorField
EditorRow
EditorList
EditorRows
EditorSwitch
FlexItem
Stack
InlineSelect
InputGroup
Space
Please use them from grafana/experimental from now on.
- Update to 9.2.1
Alerting: Improve notification policies created during
migration.
AzureAD: Add option to force fetch the groups from the
Graph API.
Docs: Note end of release notes publication.
Inspect: Handle JSON tab crash when the provided object
is too big to stringify.
TablePanel: Footer now updates values on column filtering.
Alerting: Fix email image embedding on Windows.
Alerting: Fix mathexp.NoData for ConditionsCmd.
Legacy Alerting: Fix duration calculation when testing a rule.
Loki: Propagate additional headers from Grafana to Loki
when querying data.
Search: Sort alphabetically in the folder view, increase
the limit of the folder search from 50 to 1000.
TablePanel: Fix last table column to be centered.
Grafana UI: Export prop types for queryfield, modal and field
components.
Toolkit: Fix `Cannot use import statement outside...` error in
tests.
- Update to 9.2.0
Alerting: Add Notification error feedback on contact points
view.
Alerting: Allow created by to be manually set when
there's no creator for silences.
Alerting: Expose info about notification delivery errors
in a new /receivers endpoint.
Alerting: Update imported prometheus alertmanager version.
Alerting: Write and Delete multiple alert instances.
Core: Implement aria attributes for query rows, improve a11y.
DevEnv: Adds docker block for clickhouse.
Docker: removes unneccesary use of edge repo.
Explore: Revert split pane resize feature.
Frontend: Make local storage items propagate to different tabs
immediately.
PublicDashboards: Allow disabling an existent public dashboard
if it.
QueryEditorRow: Only pass error to query editor if panel
is not in a loading state.
XYChart: Beta release.
Alerting: Start ticker only when scheduler starts.
Alerting: Fix pq: missing FROM-clause for table 'a'.
AzureMonitor: Correctly update subscriptions value in ARG
editor.
Chore: Regenerate swagger specification and fix validation
failures.
Correlations: Only return correlation for which both
source and target datasources exist.
Explore: Prevent panes from disappearing when resizing
window in split view.
Links: Fix opening links from different orgs on the same tab.
LogContext: Fix scroll position in upper context group.
Logs: Show copy button independently from context.
Loki/Prometheus: Fix adding of ad hoc filters when
jumping from dashboard to explore.
Loki: Add support for range aggregations with by grouping.
Loki: Fix label-value escaping in context query.
Loki: Fix redundant escaping in adhoc filter with regex match.
PanelEdit: Fixes resize pane border and spacing issues.
RBAC: Redirect to /login when forceLogin is set.
Security: Fix CVE-2022-27664.
StateTimeline: Fix tooltip showing erroneously in shared
crosshair dashboards.
Tempo: Fix unexpected trimming of leading zeroes in traceID.
Tracing: Fix bug where errors are not reported to OpenTelemetry.
- Update to 9.1.8
Alerting: Fix evaluation interval validation.
Alerting: Fix migration to create rules with group index 1.
Alerting: Fix migration to not add label 'alertname'.
Azure Monitor: Fix empty Logs response for Alerting.
Azure Monitor: Fix subscription selector when changing data
sources.
Google Cloud Monitoring: Fix bucket bound for distributions.
- Update to 9.1.7
CloudWatch: Add missing AWS/Prometheus metrics.
Explore: Add feature tracking events.
Graphite: Add error information to graphite queries tracing.
Prometheus: Restore FromAlert header.
Search: Add search index configuration options.
Thresholds: Add option for dashed line style.
Alerting: Fix default query's data source when no default
datasource specified.
Alerting: Fix mathexp.NoData cannot be reduced.
Alerting: Skip unsupported file types on provisioning.
AzureMonitor: Ensure resourceURI template variable is migrated.
Dashboard: Fix plugin dashboard save as button.
Docs: Fix decimals: auto docs for panel edit.
Fix: RBAC handle `error no resolver` found.
LibraryPanelSearch: Refactor and fix hyphen issue.
Live: Fix live streaming with `live-service-web-worker` feature
flag enabled.
QueryField: Fix wrong cursor position on autocomplete.
- Update to 9.1.6
DataSource: Adding possibility to hide queries from the
inspector.
Inspect: Hide Actions tab when it is empty.
PanelMenu: Remove hide legend action as it was showing on
all panel types.
Provisioning Contact points: Support disableResolveMessage via
YAML.
PublicDashboards: Support subpaths when generating pubdash url.
Alerting: Fix legacy migration crash when rule name is too long.
Alerting: Fix send resolved notifications.
Azure Monitor: Fix migration issue with MetricDefinitionsQuery
template variable query types.
Browse: Hide dashboard actions if user does not have enough
permission.
ElasticSearch: Fix dispatching queries at a wrong time.
Panel: Disable legends when showLegend is false prior to
schema v37.
Prometheus: Fix metadata requests for browser access mode.
Search: Avoid requesting all dashboards when in Folder View.
TablePanel/StatPanel: Fix values not being visible when
background transparent.
- Update to 9.1.5
Alerting: Sanitize invalid label/annotation names for external
alertmanagers.
Alerting: Telegram: Truncate long messages to avoid send error.
DisplayProcessor: Handle reverse-ordered data when auto-showing
millis.
Heatmap: Add option to reverse color scheme.
PluginLoader: Alias slate-react as @grafana/slate-react.
Search: Add substring matcher, to bring back the old
dashboard search behavior.
Traces: More visible span colors.
Alerting: Fix incorrect propagation of org ID and other
fields in rule provisioning endpoints.
Alerting: Resetting the notification policy tree to the default
policy will also restore default contact points.
AzureMonitor: Fix custom namespaces.
AzureMonitor: Fix issue where custom metric namespaces
are not included in the metric namespace list.
CloudWatch: Fix display name of metric and namespace.
Cloudwatch: Fix annotation query serialization issue.
Dashboard: Fix issue where unsaved changes warning would appear
even after save, and not being able to change library
panels.
Dashboard: Hide overflow content for single left pane.
Loki: Fix a bug where adding adhoc filters was not possible.
- Update to 9.1.4
GrafanaUI: Fixes Chrome issue for various query fields.
- Update to 9.1.3
API: Do not expose user input in datasource error responses.
Library Panel: Allow to delete them when deprecated.
Plugins Catalog: Allow to filter plugins using special
characters.
Alerting: Fix UI bug when setting custom notification
policy group by.
AppRootPage: Fix issue navigating between two app plugin pages.
Correlations: Use correct fallback handlers.
RBAC: Fix deleting empty snapshots.
LibraryElements: Fix inability to delete library panels
under MySQL.
Metrics: fix `grafana_database_conn_*` metrics, and add
new `go_sql_stats_*` metrics as eventual replacement.
TestData DB: Fix node graph not showing when the `Data type`
field is set to `random`.
* Deprecations
The `grafana_database_conn_*` metrics are deprecated, and will
be removed in a future version of Grafana. Use the
`go_sql_stats_*` metrics instead.
- Update to 9.1.2
AdHoc variable: Correctly preselect datasource when provisioning.
AzureMonitor: Added ARG query function for template variables.
Dashboards: Persist details message when navigating through
dashboard save drawer's tabs.
Dashboards: Correctly migrate mixed data source targets.
Elasticsearch: Use millisecond intervals for alerting.
Elasticsearch: Use millisecond intervals in frontend.
Geomap: Local color range.
Plugins Catalog: Use appSubUrl to generate plugins catalog urls.
Rendering: Add support for renderer token.
Alerting: Fix saving of screenshots uploaded with a signed url.
AngularPanels: Fixing changing angular panel options not taking
having affect when coming back from panel edit.
Explore: Improve a11y of query row collapse button.
Geomap: Fix tooltip display.
QueryEditorRow: Filter data on mount.
Search: Show all dashboards in the folder view.
Tracing: Fix the event attributes in opentelemetry tracing.
GrafanaUI: Fix styles for invalid selects & DataSourcePicker.
- Update to 9.1.1
Cloud Monitoring: Support SLO burn rate.
Schema: Restore 'hidden' in LegendDisplayMode.
Timeseries: Revert the timezone(s) property name change back to
singular.
Alerting: Fix links in Microsoft Teams notifications.
Alerting: Fix notifications for Microsoft Teams.
Alerting: Fix width of Adaptive Cards in Teams notifications.
ColorPickerInput: Fix popover in disabled state.
Decimals: Fixes auto decimals to behave the same for
positive and negative values.
Loki: Fix unique log row id generation.
Plugins: Fix file extension in development authentication guide.
TimeSeries: Fix jumping legend issue.
TimeSeries: Fix memory leak on viz re-init caused by
KeyboardPlugin.
TimePicker: Fixes relative timerange of less than a day not
displaying.
GrafanaUI: Fixes ClipboardButton to always keep multi line
content.
- Update to 9.1.0
API: Allow creating teams with a user defined identifier.
Alerting: Adds interval and For to alert rule details.
Alerting: Extend PUT rule-group route to write the entire
rule group rather than top-level fields only.
Alerting: Use Adaptive Cards in Teams notifications.
Azure Monitor: Add Network Insights Dashboard.
Chore: Improve logging of unrecoverable errors.
Correlations: Add UpdateCorrelation HTTP API.
Dashboard: Reverted the changes of hiding multi-select
and all variable in the datasource picker.
Geomap: Add alpha day/night layer.
Geomap: Add measuring tools.
GrafanaUI: Add success state to ClipboardButton.
Heatmap: Replace the heatmap panel with new implementation.
KVStore: Allow empty value in kv_store.
Prometheus: Promote Azure auth flag to configuration.
Search: Display only dashboards in General folder of
Search Folder View.
Status history/State timeline: Support datalinks.
Transform: Add a limit transform.
Transformations: Add standard deviation and variance reducers.
API: Fix snapshot responses.
Access Control: Fix permission error during dashboard
creation flow.
Access Control: Set permissions for Grafana's test data source.
Alerting: Fix migration failure.
BarGauge: Show empty bar when value, minValue and
maxValue are all equal.
Dashboard: Fix color of bold and italics text in panel
description tooltip.
Loki: Fix passing of query with defaults to code mode.
Loki: Fix producing correct log volume query for query
with comments.
Loki: Fix showing of unusable labels field in detected fields.
Tracing: Fix OpenTelemetry Jaeger context propagation.
Alerting: AlertingProxy to elevate permissions for request
forwarded to data proxy when RBAC enabled.
Plugins: Only pass `rootUrls` field in request when not empty.
Alert notifications to Microsoft Teams now use Adaptive Cards
instead of Office 365 Connector Cards.
Starting at 9.1.0, existing heatmap panels will start using a
new implementation. This can be disabled by setting the
`useLegacyHeatmapPanel` feature flag to true. It can be
tested on a single dashbobard by adding
`?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.
The most notable changes are:
Significantly improved rendering performance
When calculating heatmaps, the buckets are now placed on
reasonable borders (1m, 5m, 30s etc)
Round cells are no longer supported
- Update to 9.0.9
AuthNZ: Security fixes for CVE-2022-35957 and CVE-2022-36062.
- Update to 9.0.8
Alerting: Hide 'no rules' message when we are fetching
from data sources.
Alerting: AlertingProxy to elevate permissions for
request forwarded to data proxy when RBAC enabled.
- Update to 9.0.7
CloudMonitoring: Remove link setting for SLO queries.
GrafanaUI: Render PageToolbar's leftItems regardless of
title's presence.
- Update to 9.0.6
Access Control: Allow org admins to invite new users to
their organization.
Grafana/toolkit: Fix incorrect image and font generation
for plugin builds.
Prometheus: Fix adding of multiple values for regex operator.
UI/Card: Fix card items always having pointer cursor.
- Update to 9.0.5
Access control: Show dashboard settings to users who can
edit dashboard.
Alerting: Allow the webhook notifier to support a custom
Authorization header.
Plugins: Add signature wildcard globbing for dedicated
private plugin type.
Prometheus: Don't show errors from unsuccessful API
checks like rules or exemplar checks.
Access control: Allow organisation admins to add existing
users to org.
Alerting: Fix alert panel instance-based rules filtering.
Apps: Fixes navigation between different app plugin pages.
Cloudwatch: Upgrade grafana-aws-sdk to fix auth issue
with secret keys.
Loki: Fix `show context` not working in some occasions.
RBAC: Fix permissions on dashboards and folders created
by anonymous users.
- Update to 9.0.4
Browse/Search: Make browser back work properly when
visiting Browse or search.
Logs: Improve getLogRowContext API.
Loki: Improve handling of empty responses.
Plugins: Always validate root URL if specified in
signature manfiest.
Preferences: Get home dashboard from teams.
SQLStore: Support Upserting multiple rows.
Traces: Add more template variables in Tempo & Zipkin.
Traces: Remove serviceMap feature flag.
Access Control: Fix missing folder permissions.
Access control: Fix org user removal for OSS users.
Alerting: Fix Slack notifications.
Alerting: Preserve new-lines from custom email templates
in rendered email.
Log: Fix text logging for unsupported types.
Loki: Fix incorrect TopK value type in query builder.
- Update to 9.0.3
Access Control: Allow dashboard admins to query org users.
Alerting: Add method to provisioning API for obtaining a
group and its rules.
Alerting: Allow filtering of contact points by name.
Alerting: Disable /api/admin/pause-all-alerts with
Unified Alerting.
Annotations: Use point marker for short time range annotations.
AzureMonitor: Update UI to experimental package.
AzureMonitor: Update resource and namespace metadata.
CloudWatch: Remove simplejson in favor of 'encoding/json'.
DashboardRow: Collapse shortcut prevent to move the
collapsed rows.
Navigation: Highlight active nav item when Grafana is
served from subpath.
Plugins: InfluxDB datasource - set epoch query param
value as 'ms'.
Plugins: InfluxDB update time range query.
StateTimeline: Try to sort time field.
API: Do not validate/save legacy alerts when saving a
dashboard if legacy alerting is disabled.
Alerting: Add method to reset notification policy tree
back to the default.
Alerting: Fix Teams notifier not failing on 200 response
with error.
Alerting: Fix bug where state did not change between
Alerting and Error.
Alerting: Fix consistency errors in OpenAPI documentation.
Alerting: Fix normalization of alert states for panel
Alerting: Provisioning API respects global rule quota.
CSRF: Fix additional headers option.
Chore: Bump parse-url to 6.0.2 to fix security vulnerabilities.
Chore: Fix CVE-2020-7753.
Chore: Fix CVE-2021-3807.
Chore: Fix CVE-2021-3918.
Chore: Fix CVE-2021-43138.
Chore: Fix CVE-2022-0155.
Dashboard: Fixes tooltip issue with TimePicker and Setting buttons.
Dashboard: Prevent unnecessary scrollbar when viewing
single panel.
Logs: Fixed wrapping log lines from detected fields.
Loki: Add missing operators in label filter expression.
Loki: Fix error when changing operations with different parameters.
Loki: Fix suggesting of correct operations in query builder.
Plugins: InfluxDB variable interpolation fix for
influxdbBackendMigration feature flag.
SQLstore: Fix fetching an inexistent playlist.
Security: Fixes for CVE-2022-31107 and CVE-2022-31097.
Snapshots: Fix deleting external snapshots when using RBAC.
Table: Fix scrollbar being hidden by pagination.
Templating: Changing between variables with the same name
now correctly triggers a dashboard refresh.
Time series panel: Fix an issue with stacks being not complete
due to the incorrect data frame length.
- Update to 9.0.2
Alerting: Add support for images in Pushover alerts.
Alerting: Don't stop the migration when alert rule tags
are invalid.
Alerting: Skip the default data source if incompatible.
AzureMonitor: Parse non-fatal errors for Logs.
OAuth: Restore debug log behavior.
Plugins: Improved handling of symlinks.
Alerting: Code-gen parsing of URL parameters and fix
related bugs.
Annotations: Fix annotation autocomplete causing panels
to crash.
Barchart: Fix warning not showing.
CloudWatch: Enable custom session duration in AWS plugin auth.
Dashboards: Fixes issue with the initial panel layout
counting as an unsaved change.
Plugins: Use a Grafana specific SDK logger implementation
for core plugins.
Search: Fix pagination in the new search page.
- Update to 9.0.1
Alerting: Add support for image annotation in
Alertmanager alerts.
Alerting: Add support for images in SensuGo alerts.
Alerting: Add support for images in Threema alerts.
Alerting: Adds Mimir to Alertmanager data source implementation.
Alerting: Invalid setting of enabled for unified alerting
should return error.
AzureMonitor: Clean namespace when changing the resource.
AzureMonitor: Update supported namespaces and filter
resources by the right type.
CLI: Allow relative symlinks in zip archives when
installing plugins.
Dashboard: Don't show unsaved changes modal for automatic
schema changes.
Dashboard: Unsaved changes warning should not trigger
when only pluginVersion has changed.
Expression: Execute hidden expressions.
Geomap: Support showing tooltip content on click (not
just hover).
Heatmap: Remove alpha flag from new heatmap panel.
Instrumentation: Define handlers for requests that are
not handled with named handlers.
Log Panel: Improve log row hover contrast and visibility.
Logs: Handle backend-mode errors in histogram.
Loki: Do not show histogram for instant queries.
Loki: Handle data source configs with path in the url.
Loki: Handle invalid query type values.
OAuth: Redirect to login if no oauth module is found or
if module is not configured.
OptionsUI: Move internal options editors out of @grafana/ui.
Prometheus: Don't show undefined for step in collapsed
options in query editor when value is 'auto'.
Prometheus: Show query patterns in all editor modes for
Prometheus and Loki.
Tempo: Add link to Tempo Search with node service selected.
Time Series Panel: Add Null Filling and 'No Value' Support.
TimeSeries: Add an option to set legend width.
Timeseries: Improve cursor Y sync behavior.
Traces: Do not use red in span colors as this looks like
an error.
Alerting: Fix AM config overwrite when SQLite db is
locked during sync.
Alerting: Fix alert instances filtering for prom rules.
Alerting: Fix alert rule page crashing when datasource
contained URL unsafe characters.
Alerting: Fix automatically select newly created folder option.
Alerting: Fix removal of notification policy without
labels matchers.
CloudWatch: Allow hidden queries to be executed in case
an ID is provided.
Dashboard: Prevent non-repeating panels being dropped
from repeated rows when collapsed/expanded.
Dashboards: Fix folder picker not showing correct results
when typing too fast.
Datasource: Prevent panic when proxying for non-existing
data source.
Explore: Fix log context scroll to bottom.
Explore: Revert 'Remove support for compact format URLs'.
Expressions: Fixes dashboard schema migration issue that casued
Expression datasource to be set on panel level.
Formatting: Fixes valueFormats for a value of 0.
GrafanaData: Fix week start for non-English browsers.
LibraryPanel: Resizing a library panel to 6x3 no longer
crashes the dashboard on startup.
LogRow: Fix placement of icon.
Loki: Fix bug in labels framing.
Loki: Fix issues with using query patterns.
Loki: Fix showing of duplicated label values in dropdown
in query builder.
MSSQL: Fix ParseFloat error.
Panels: Fixes issue with showing 'Cannot visualize data'
when query returned 0 rows.
Playlists: Disable Create Playlist buttons for users with
viewer role.
Plugins: Fix typo in plugin data frames documentation.
Prometheus: Fix body not being included in resource calls
if they are POST.
RolePicker: Fix submenu position on horizontal space overflow.
Tracing: Fix trace links in traces panel.
Support for compact Explore URLs is deprecated and will be
removed in a future release. Until then, when navigating to
Explore using the deprecated format the URLs are
automatically converted. If you have existing links pointing
to Explore update them using the format generated by Explore
upon navigation. You can identify a compact URL by its
format. Compact URLs have the left (and optionally right) url
parameter as an array of strings, for example
`&left=['now-1h','now'...]`. The standard explore URLs follow
a key/value pattern, for example
`&left={'datasource':'test'...}`. Please be sure to check
your dashboards for any hardcoded links to Explore and update
them to the standard URL pattern.
- Update to 9.0.0
API: Add GET /api/annotations/:annotationId endpoint.
API: Add endpoint for updating a data source by its UID.
AccessControl: Add enterprise only setting for rbac
permission cache.
AccessControl: Document basic roles changes and provisioning V2.
AccessControl: Enable RBAC by default.
AddDataSourceConfig: Remove deprecated checkHealth prop.
Alerting: Add Image URLs to Microsoft Teams notifier.
Alerting: Add RBAC actions and role for provisioning API routes.
Alerting: Add Screenshot URLs to Pagerduty Notifier.
Alerting: Add a 'Reason' to Alert Instances to show
underlying cause of state.
Alerting: Add a general screenshot service and
alerting-specific image service.
Alerting: Add image url or file attachment to email
notifications.
Alerting: Add image_urls to OpsGenie notification details.
Alerting: Add notification policy flow chart.
Alerting: Attach image URL to alerts in Webhook notifier format.
Alerting: Attach image URLs or upload files to Discord
Alerting: Attach image URLs to Google Chat notifications.
Alerting: Attach screenshot data to Unified Alerting
Alerting: Create folder for alerting when start from the
scratch.
Alerting: Modify alertmanager endpoints for proxying
using the datasource UID.
Alerting: Modify endpoint for testing a datasource rule
using the UID.
Alerting: Modify prometheus endpoints for proxying using
the datasource UID.
Alerting: State Manager takes screenshots.
Alerting: Use UID scope for folders authorization.
Alerting: modify ruler endpoints for proxying using the
datasource UID.
Angular: Adds back two angular directives that are still
used by remaining angular bits and plugins.
Azure Monitor: Add Resource Picker to Metrics Queries.
Azure Monitor: Add search feature to resource picker.
AzureMonitor: Add support for selecting multiple options when
using the equals and not equals dimension filters.
AzureMonitor: Remove deprecated code.
Build: Change names to PascalCase to match.
Chore: Remove deprecated DataSourceAPI methods.
Chore: Upgrade typescript to 4.6.4.
Cloud Monitoring: Use new annotation API.
CloudMonitoring: Allow to set a custom value or disable
graph_period.
CloudWatch: Add generic filter component to variable editor.
CloudWatch: Added missing AWS/AppRunner metrics.
CloudWatch: Enable support for dynamic labels with
migrated alias patterns.
Cloudwatch: Pass label in deep link.
Cloudwatch: Use new annotation API.
Dashboard: Validate dashboards against schema on save.
DashboardPickerByID: Add option to exclude dashboards.
DashboardPickerById: Add optionLabel prop.
Dashboards: Display values of 0 with the configured
decimal places.
Data: Remove deprecated types and functions from valueMappings.
Elasticsearch: Remove browser access mode.
Elasticsearch: Remove support for versions after their
end of the life (<7.10.0).
Encryption: Add support for multiple data keys per day.
Encryption: Enable envelope encryption by default.
Explore: Remove support for legacy, compact format URLs.
Explore: Skip Angular error handling when Angular support
is disabled.
Explore: simplify support for multiple query editors.
FeatureToggles: Support changing feature toggles with URL
parameters.
FileUpload: Make component accessible by keyboard navigation.
Formatting: Make SI number formats more robust.
Graph: Deprecate Graph (old) and make it no longer a
visualization option for new panels.
IconButton: IconButtons are now correctly aligned in Safari.
Logger: Enable new logging format by default.
Loki: Add more query patterns.
Loki: Enable new visual query builder by default.
Loki: use the same dataframe-format for both live and
normal queries.
OAuth: Make allowed email domain case insensitive.
Panels: Use the No value option when showing the no data
message.
Plugins: Remove plugin list panel.
Query History: Enable new query history by default.
QueryEditorRow: Show query errors next to query in a
consistent way across Grafana.
SAML: Implement Name Templates for
assertion_attribute_name option.
Service accounts: Do not display service accounts
assigned to team.
Settings: Use Grafana Azure SDK to pass Azure env vars
for external plugins.
Shortcuts: Add shortcut to show shortcuts to the list of
shortcuts.
Traces Panel: Add new Traces Panel visualization.
Traces: Filter by service/span name and operation in
Tempo and Jaeger.
Transformations: Allow more complex regex expressions
in `Rename by regex`.
grafana/ui: Add default type='button' to <Button>.
Alerting: Fix database unavailable removes rules from scheduler.
AzureMonitor: Fix auto-selection of time-grain for metrics.
DataSources: Fixes issue with expressions not being queried.
GraphNG: Fix thresholds by color not following data update.
Jaeger: Update operations dropdown.
Login: Fix mismatching label on auth_module in user list.
Playlists: Save button now correctly creates a new playlist.
RBAC: Fix migrations running in the wrong order causing
inheritance problem in enterprise.
ServiceAccounts: Add identifiable token prefix to service
account tokens.
Traces: Fix missing CopyButton on KeyValueTables and
overlapping of panels.
`setExploreQueryField`, `setExploreMetricsQueryField` and
`setExploreLogsQueryField` are now deprecated and will be
removed in a future release. If you need to set a different
query editor for Explore, conditionally render based on
`props.app` in your regular query editor.
Chore: Remove react-testing-lib from bundles.
Select: Portal menu by default.
The `@grafana/ui` package helper function
`selectOptionInTest` used in frontend tests has been removed
as it caused testing libraries to be bundled in the
production code of Grafana. If you were using this helper
function in your tests please update your code accordingly:
```js
// before
import { selectOptionInTest } from '@grafana/ui';
// ...test usage
await selectOptionInTest(selectEl, 'Option 2');
// after
import { select } from 'react-select-event';
await select(selectEl, 'Option 2',
{ container: document.body });
```
Removed deprecated `checkHealth` prop from the `@grafana/e2e`
`addDataSource` config. Previously this value defaulted to
`false`, and has not been used in end-to-end tests since
Grafana 8.0.3.
Removes the deprecated `LegacyBaseMap`, `LegacyValueMapping`,
`LegacyValueMap`, and `LegacyRangeMap` types, and
`getMappedValue` function from grafana-data. Migration is as
follows:
| Old | New |
| -------------------- | ----------------------- |
| `LegacyBaseMap` | `MappingType` |
| `LegacyValueMapping` | `ValueMapping` |
| `LegacyValueMap` | `ValueMap` |
| `LegacyRangeMap` | `RangeMap` |
| `getMappedValue` | `getValueMappingResult` |
This change fixes a bug in Grafana where intermittent failure
of database, network between Grafana and the database, or
error in querying the database would cause all alert rules to
be unscheduled in Grafana. Following this change scheduled
alert rules are not updated unless the query is successful.
The `get_alert_rules_duration_seconds` metric has been
renamed to `schedule_query_alert_rules_duration_seconds`.
Any secret (data sources credential, alert manager
credential, etc, etc) created or modified with Grafana v9.0
won't be decryptable from any previous version (by default)
because the way encrypted secrets are stored into the
database has changed. Although secrets created or modified
with previous versions will still be decryptable by Grafana
v9.0.
If required, although generally discouraged, the
`disableEnvelopeEncryption` feature toggle can be enabled to
keep envelope encryption disabled once updating to Grafana
In case of need to rollback to an earlier version of Grafana
(i.e. Grafana v8.x) for any reason, after being created or
modified any secret with Grafana v9.0, the
`envelopeEncryption` feature toggle will need to be enabled
to keep backwards compatibility (only from `v8.3.x` a bit
unstable, from `8.5.x` stable).
As a final attempt to deal with issues related with the
aforementioned situations, the `grafana-cli admin
secrets-migration rollback` command has been designed to
move back all the Grafana secrets encrypted with envelope
encryption to legacy encryption. So, after running that
command it should be safe to disable envelope encryption
and/or roll back to a previous version of Grafana.
Alternatively or complementarily to all the points above,
backing up the Grafana database before updating could be a
good idea to prevent disasters (although the risk of getting
some secrets corrupted only applies to those updates/created
with after updating to Grafana v9.0).
According to the dynamic labels documentation, you can use up
to five dynamic values per label. There’s currently no such
restriction in the alias pattern system, so if more than 5
patterns are being used the GetMetricData API will return an
error.
Dynamic labels only allow \${LABEL} to be used once per
query. There’s no such restriction in the alias pattern
system, so in case more than 1 is being used the
GetMetricData API will return an error.
When no alias is provided by the user, Grafana will no longer
fallback with custom rules for naming the legend.
In case a search expression is being used and no data is
returned, Grafana will no longer expand dimension values, for
instance when using a multi-valued template variable or star
wildcard `*` in the dimension value field.
Time series might be displayed in a different order. Using
for example the dynamic label `${PROP('MetricName')}`, might
have the consequence that the time series are returned in a
different order compared to when the alias pattern
`{{metric}}` is used
In Elasticsearch, browser access mode was deprecated in
grafana 7.4.0 and removed in 9.0.0. If you used this mode,
please switch to server access mode on the datasource
configuration page.
Environment variables passed from Grafana to external Azure
plugins have been renamed:
`AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`
`AZURE_MANAGED_IDENTITY_ENABLED` renamed to
`GFAZPL_MANAGED_IDENTITY_ENABLED`
`AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to
`GFAZPL_MANAGED_IDENTITY_CLIENT_ID`
There are no known plugins which were relying on these
variables. Moving forward plugins should read Azure settings
only via Grafana Azure SDK which properly handles old and new
environment variables.
Removes support for for ElasticSearch versions after their
end-of-life, currently versions < 7.10.0. To continue to use
ElasticSearch data source, upgrade ElasticSearch to version
7.10.0+.
Application Insights and Insight Analytics queries in Azure
Monitor were deprecated in Grafana 8.0 and finally removed in
9.0. Deprecated queries will no longer be executed.
grafana/ui: Button now specifies a default type='button'
The `Button` component provided by @grafana/ui now specifies
a default `type='button'` when no type is provided.
In previous versions, if the attribute was not specified for
buttons associated with a `<form>` the default value was
`submit` per the specification. You can preserve the old
behavior by explicitly setting the type attribute:
`<Button type='submit' />`
The `Rename by regex` transformation has been improved to
allow global patterns of the form `/<stringToReplace>/g`.
Depending on the regex match used, this may cause some
transformations to behave slightly differently. You can
guarantee the same behaviour as before by wrapping the
`match` string in forward slashes (`/`), e.g. `(.*)` would
become `/(.*)/`
`<Select />` menus will now portal to the document body by
default. This is to give more consistent behaviour when
positioning and overlaying. If you were setting
`menuShouldPortal={true}` before you can safely remove that
prop and behaviour will be the same. If you weren't
explicitly setting that prop, there should be no visible
changes in behaviour but your tests may need updating. If you
were setting `menuShouldPortal={false}` this will continue to
prevent the menu from portalling.
Grafana alerting endpoint prefixed with `api/v1/rule/test`
that tests a rule against a Corte/Loki data source now
expects the data source UID as a path parameter instead of
the data source numeric identifier.
Grafana alerting endpoints prefixed with `api/prometheus/`
that proxy requests to a Cortex/Loki data source now expect
the data source UID as a path parameter instead of the data
source numeric identifier.
Grafana alerting endpoints prefixed with `api/ruler/` that
proxy requests to a Cortex/Loki data source now expect the
data source UID as a path parameter instead of the data
Grafana alerting endpoints prefixed with `api/alertmanager/`
that proxy requests to an Alertmanager now expect the data
source UID as a path parameter instead of the data source
numeric identifier.
The format of log messages have been updated, `lvl` is now
`level` and `eror`and `dbug` has been replaced with `error`
and `debug`. The precision of timestamps has been increased.
To smooth the transition, it is possible to opt-out of the
new log format by enabling the feature toggle `oldlog`.
This option will be removed in a future minor release.
In the Loki data source, the dataframe format used to
represent Loki logs-data has been changed to a more efficient
format. The query-result is represented by a single dataframe
with a 'labels' column, instead of the separate dataframes
for every labels-value. When displaying such data in explore,
or in a logs-panel in the dashboard will continue to work
without changes, but if the data was loaded into a different
dashboard-panel, or Transforms were used, adjustments may be
necessary. For example, if you used the 'labels to fields'
transformation with the logs data, please switch to the
'extract fields' transformation.
- Update to version 8.5.22:
* Fix XSS in Graphite functions tooltip
(bsc#1209645, CVE-2023-1410)
- Update to version 8.5.21:
* Apply attribute sanitation to GeomapPanel
(bsc#1208821, CVE-2023-0507)
* Avoid storing XSS in TraceView panel
(bsc#1208819, CVE-2023-0594)
* Login: Fix panic when UpsertUser is called without ReqContext
- Fix basic authentication bypass by updating the exporter toolkit
to version 0.7.3 (bsc#1208065, CVE-2022-46146).
- Require Go 1.19 or newer (bsc#1208293, CVE-2022-41723)
- Update to version 8.5.20:
* Security: SVG: Add dompurify preprocessor step
(bsc#1207749, CVE-2022-23552)
* Security: Snapshots: Fix originalUrl spoof security issue
(bsc#1207750, CVE-2022-39324)
* Security: Omit error from http response
* Bug fix: Email and username trimming and invitation validation
- Update to version 8.5.15 (jsc#PED-2617):
* Security: Fix for privilege escalation
(bsc#1205225, CVE-2022-39306)
* Security: Omit error from http response when user does not
exists (bsc#1205227, CVE-2022-39307)
- Update to version 8.5.14:
* Security: Fix do not forward login cookie in outgoing requests
(bsc#1204303, CVE-2022-39201)
* Security: Make proxy endpoints not leak sensitive HTTP headers
(bsc#1204305, CVE-2022-31130)
* Security: Fix plugin signature bypass (bsc#1204302, CVE-2022-31123)
* Security: Fix blocknig other users from signing in (bsc#1204304,
CVE-2022-39229)
- Update to version 8.5.13 (jsc#PED-2145):
+ Features and enhancements:
* Plugins: Expose emotion/react to plugins to prevent load
failures
+ Bug fix:
* AuthNZ: Security fixes for (bsc#1203596, CVE-2022-36062) and
(bsc#1203597, CVE-2022-35957)
- Update to version 8.5.11:
* Rendering: Add support for renderer token
* Alerting: AlertingProxy to elevate permissions for request
forwarded to data proxy when RBAC enabled
- Update to version 8.5.10
+ Bug fixes (8.5.10):
* RBAC: Fix Anonymous Editors missing dashboard controls.
#52649, @gamab
+ Bug fixes (8.5.9):
* Security: Fixes for CVE-2022-31107 and CVE-2022-31097.
#52238, @xlson
+ Bug fixes (8.5.6):
* Dashboard: Fixes random scrolling on time range change.
#50379, @torkelo
* Security: Fixes minor code scanning security warnings in old
vendored javascript libs. #50382, @torkelo
+ Features and enhancements (8.5.5):
* Azure Monitor: Include datasource ref when interpolating
variables. #49543, @kevinwcyu
* CloudWatch: Add multi-value template variable support for log
group names in logs query builder. #49737, @kevinwcyu
* Cloudwatch: Add template variable query function for listing
log groups. #50100, @yaelleC
+ Bug fixes (8.5.5):
* Alerting: Do not overwrite existing alert rule condition.
#49920, @gillesdemey
* Alerting: Remove double quotes from matchers. #50044,
@alexweav
+ Features and enhancements (8.5.4):
* Alerting: Remove disabled flag for data source when migrating
alerts. #48559, @yuri-tceretian
* Alerting: Show notification tab of legacy alerting only to
editor. #49624, @yuri-tceretian
* Alerting: Update migration to migrate only alerts that belong
to existing org\dashboard. #49192, @yuri-tceretian
* AzureMonitor: Do not quote variables when a custom 'All'
variable option is used. #49428, @andresmgot
* AzureMonitor: Update allowed namespaces. #48468,
@jcolladokuri
* CloudMonitor: Correctly encode default project response.
#49510, @aangelisc
* Cloudwatch: Add support for new AWS/RDS EBS* metrics.
#48798, @szymonpk
* InfluxDB: Use backend for influxDB by default via feature
toggle. #48453, @yesoreyeram
* Legend: Use correct unit for percent and count calculations.
#49004, @dprokop
* LokI: use millisecond steps in Grafana 8.5.x. #48630, @gabor
* Plugins: Introduce HTTP 207 Multi Status response to
api/ds/query. #48550, @wbrowne
* Transformations: Add an All Unique Values Reducer. #48653,
@josiahg
* Transformers: avoid error when the ExtractFields source field
is missing. #49368, @wardbekker
* [v8.5.x] Alerting: Update migration to migrate only alerts
that belong to existing org\dashboard. #49199, @grafanabot
+ Bug fixes (8.5.4):
* Alerting: Allow disabling override timings for notification
policies. #48648, @gillesdemey
* Alerting: Allow serving images from custom url path. #49022,
@gillesdemey
* Alerting: Apply Custom Headers to datasource queries. #47860,
@joeblubaugh
* Alerting: Fix RBAC actions for notification policies. #49185,
@yuri-tceretian
* Alerting: Fix access to alerts for viewer with editor
permissions when RBAC is disabled. #49270, @yuri-tceretian
* Alerting: Fix anonymous access to alerting. #49203,
* Alerting: correctly show all alerts in a folder. #48684,
* AzureMonitor: Fixes metric definition for Azure Storage
queue/file/blob/table resources. #49101, @aangelisc
* Dashboard: Fix dashboard update permission check. #48746,
@IevaVasiljeva
* DashboardExport: Fix exporting and importing dashboards where
query data source ended up as incorrect. #48410, @torkelo
* FileUpload: clicking the Upload file button now opens their
modal correctly. #48766, @ashharrison90
* GrafanaUI: Fix color of links in error Tooltips in light
theme. #49327, @joshhunt
* LibraryPanels: Fix library panels not connecting properly in
imported dashboards. #49161, @joshhunt
* Loki: Improve unpack parser handling. #49074, @gabor
* RolePicker: Fix menu position on smaller screens. #48429,
@Clarity-89
* TimeRange: Fixes updating time range from url and browser
history. #48657, @torkelo
* TimeSeries: Fix detection & rendering of sparse datapoints.
#48841, @leeoniya
* Timeseries: Fix outside range stale state. #49633, @ryantxu
* Tooltip: Fix links not legible in Tooltips when using light
theme. #48748, @joshhunt
* Tooltip: Sort decimals using standard numeric compare.
#49084, @dprokop
* Transforms: Labels to fields, fix label picker layout.
#49304, @torkelo
* Variables: Fixes issue with data source variables not
updating queries with variable. #49478, @torkelo
* [v8.5.x] Alerting: Fix RBAC actions for notification policies
(#49185). #49348, @yuri-tceretian
* [v8.5.x] Alerting: Fix access to alerts for viewer with
editor permissions when RBAC is disabled. #49427, @konrad147
* [v8.5.x] Alerting: Fix anonymous access to alerting. #49268,
+ Breaking changes (8.5.4):
For a data source query made via /api/ds/query:
If the DatasourceQueryMultiStatus feature is enabled and
The data source response has an error set as part of the
DataResponse, the resulting HTTP status code is now 207
Multi Status instead of 400 Bad gateway
If the DatasourceQueryMultiStatus feature is not enabled and
DataResponse, the resulting HTTP status code is 400 Bad
Request (no breaking change)
--> Issue #48550
+ Bug fixes (8.5.3):
* Security: fixes CVE-2022-29170. #49240, @xlson
+ Features and enhancements (8.5.2):
* Alerting: Add safeguard for migrations that might cause
dataloss. #48526, @JohnnyQQQQ
* AzureMonitor: Add support for not equals and startsWith
operators when creating Azure Metrics dimension filters.
#48077, @aangelisc
* Elasticsearch: Add deprecation notice for < 7.10 versions.
#48506, @ivanahuckova
* Traces: Filter by service/span name and operation in Tempo
and Jaeger. #48209, @joey-grafana
+ Bug fixes (8.5.2):
* AzureAd Oauth: Fix strictMode to reject users without an
assigned role. #48474, @kyschouv
* CloudWatch: Fix variable query tag migration. #48587, @iwysiu
* Plugins: Ensure catching all appropriate 4xx api/ds/query
scenarios. #47565, @wbrowne
+ Bug fixes (8.5.1):
* Azure Monitor: Fix space character encoding for metrics query
link to Azure Portal. #48139, @kevinwcyu
* CloudWatch: Prevent log groups from being removed on query
change. #47994, @asimpson
* Cloudwatch: Fix template variables in variable queries.
#48140, @iwysiu
* Explore: Prevent direct access to explore if disabled via
feature toggle. #47714, @Elfo404
* InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram
* Navigation: Prevent navbar briefly showing on login. #47968,
@ashharrison90
* Plugins Catalog: Fix styling of hyperlinks. #48196, @marefr
* Table: Fix filter crashes table. #48258, @zoltanbedi
* TimeSeries: Properly stack series with missing datapoints.
#48321, @leeoniya
+ Features and enhancements (8.5.0):
* Alerting: Add contact points provisioning API. #47197,
@JohnnyQQQQ
* Alerting: Add resolved count to notification title when both
firing and resolved present. #46697, @JacobsonMT
* Alerting: Alert rule should wait For duration when execution
error state is Alerting. #47052, @grobinson-grafana
* Alerting: Classic conditions can now display multiple values.
#46971, @gotjosh
* Alerting: Display query from grafana-managed alert rules on
/api/v1/rules. #45969, @gotjosh
* Alerting: Enhance support for arbitrary group names in
managed alerts. #47785, @gillesdemey
* Alerting: add field for custom slack endpoint. #45751,
@nathanrodman
* Azure Monitor : Adding json formatting of error messages in
Panel Header Corner and Inspect Error Tab. #44877, @yaelleC
* Azure Monitor: Add 2 more Curated Dashboards for VM Insights.
#45187, @jcolladokuri
* CloudWatch: Handle new error codes for MetricInsights.
#47033, @Gabrielopesantos
* Dashboards: show changes in save dialog. #46557, @ryantxu
* DataSource: Default data source is no longer a persisted
state but just the default data source for new panels.
#45132, @torkelo
* DataSourcePlugin API: Allow queries import when changing data
source type. #47435, @dprokop
* Explore: Remove return to panel button. #45018, @gelicia
* Explore: allow users to save Explore state to a new panel in
a new dashboard. #45148, @Elfo404
* Instrumentation: Proxy status code correction and various
improvements. #47473, @marefr
* Logging: Introduce feature toggle to activate gokit/log
format. #47336, @ying-jeanne
* NewsPanel: Add support for Atom feeds. #45390, @kaydelaney
* Plugins: Add deprecation notice for /api/tsdb/query endpoint.
#45238, @wbrowne
* Plugins: Adding support for traceID field to accept
variables. #45559, @vinisdl
* PostgreSQL: __unixEpochGroup to support arithmetic expression
as argument. #46764, @s0nik42
* Profile/Help: Expose option to disable profile section and
help menu. #46308, @cameronwaterman
* Prometheus: Enable new visual query builder by default.
#46634, @torkelo
* SAML: Allow disabling of SAML signups. #47481, @mmandrus
* SAML: Allow disabling of SAML signups. (Enterprise)
* Table: New pagination option. #45732, @zoltanbedi
* TablePanel: Add cell inspect option. #45620, @dprokop
* Tempo / Trace Viewer: Support Span Links in Trace Viewer.
#45632, @Shachi16
* Tempo: Download span references in data inspector. #47074,
@connorlindsey
* Tempo: Separate trace to logs and loki search datasource
config. #46655, @connorlindsey
* Trace View: Show number of child spans. #44393, @tharun208
* Transformations: Support escaped characters in key-value pair
parsing. #47901, @aangelisc
+ Bug fixes (8.5.0):
* Azure Monitor: Bug Fix for incorrect variable cascading for
template variables. #47478, @jcolladokuri
* CloudWatch: List all metrics properly in SQL autocomplete.
#45898, @sunker
* CloudWatch: Run query on blur in logs query field. #47454,
@fridgepoet
* Dashboard: Template variables are now correctly persisted
when clicking breadcrumb links. #46790, @ashharrison90
* DashboardPage: Remember scroll position when coming back
panel edit / view panel. #47639, @torkelo
* Panel Edit: Options search now works correctly when a
logarithmic scale option is set. #47927, @ashharrison90
* Postgres: Return tables with hyphenated schemes. #45754,
@zuchka
* Table panel: Fix horizontal scrolling when pagination is
enabled. #47776, @dprokop
* Variables: Ensure variables in query params are correctly
recognised. #47049, @ashharrison90
* Variables: Fix crash when changing query variable datasource.
#44957, @joshhunt
* Visualizations: Stack negative-valued series downwards.
#47373, @leeoniya
+ Breaking changes (8.5.0):
For a proxied request, e.g. Grafana's datasource or plugin
proxy: If the request is cancelled, e.g. from the browser/by
the client, the HTTP status code is now 499 Client closed
request instead of 502 Bad gateway If the request times out,
e.g. takes longer time than allowed, the HTTP status code is
now 504 Gateway timeout instead of 502 Bad gateway. Issue
#47473 The change in behavior is that negative-valued series
are now stacked downwards from 0 (in their own stacks), rather
than downwards from the top of the positive stacks. We now
automatically group stacks by Draw style, Line interpolation,
and Bar alignment, making it impossible to stack bars on top of
lines, or smooth lines on top of stepped lines. Issue #47373
The meaning of the default data source has now changed from
being a persisted property in a panel. Before when you selected
the default data source for a panel and later changed the
default data source to another data source it would change all
panels who were configured to use the default data source. From
now on the default data source is just the default for new
panels and changing the default will not impact any currently
saved dashboards. Issue #45132 The Tooltip component provided
by @grafana/ui is no longer automatically interactive (that is
you can hover onto it and click a link or select text). It will
from now on by default close automatically when you mouse out
from the trigger element. To make tooltips behave like before
set the new interactive property to true.
+ Deprecations (8.5.0):
/api/tsdb/query API has been deprecated and will be removed in
a future release. Use /api/ds/query instead. Issue #45238
+ Plugin development fixes & changes (8.5.0):
* Card: Increase clickable area when meta items are present.
#47935, @ashharrison90
* Loki: Fix operator description propup from being shortened.
#46575, @glintik
* Tooltips: Make tooltips non interactive by default. #45053,
@torkelo
+ Features and enhancements (8.4.7):
* CloudWatch: Added missing MemoryDB Namespace metrics. #47290,
@james-deee
* Histogram Panel: Take decimal into consideration. #47330,
@mdvictor
* TimeSeries: Sort tooltip values based on raw values. #46738,
@dprokop
+ Bug fixes (8.4.7):
* API: Include userId, orgId, uname in request logging
middleware. #47183, @marefr
* Elasticsearch: Respect maxConcurrentShardRequests datasource
setting. #47120, @alexandrst88
+ Features and enhancements (8.4.5):
* Instrumentation: Make backend plugin metrics endpoints
available with optional authentication. #46467, @marefr
* Table panel: Show datalinks for cell display modes JSON View
and Gauge derivates. #46020, @mdvictor
+ Bug fixes (8.4.5):
* Azure Monitor: Small bug fixes for Resource Picker. #46665,
@sarahzinger
* Logger: Use specified format for file logger. #46970, @sakjur
* Logs: Handle missing fields in dataframes better. #46963,
@gabor
* ManageDashboards: Fix error when deleting all dashboards from
folder view. #46877, @joshhunt
+ Features and enhancements (8.4.4):
* Loki: Add unpack to autocomplete suggestions (#44623).
#46573, @glintik
* Plugins: allow using both Function and Class components for
app plugins. #46148, @leventebalogh
* TimeSeries: Add migration for Graph panel's transform series
override. #46577, @dprokop
* TimeSeries: Preserve null/undefined values when performing
negative y transform. #46584, @dprokop
+ Bug fixes (8.4.4):
* CloudWatch: Use default http client from aws-sdk-go. #46370,
@sunker
* Dashboards: Fixes repeating by row and no refresh. #46565,
* Gauge: Fixes blank viz when data link exists and orientation
was horizontal. #46335, @torkelo
* Search: sort results correctly when using postgres. #46466,
@xlson
* TagsInput: fix tags remove button accessibility issues.
#46254, @Elfo404
* TextPanel: Sanitize after markdown has been rendered to html.
#46166, @ashharrison90
+ Features and enhancements (8.4.3):
* Alerting: Grafana uses > instead of >= when checking the For
duration. #46010
* Alerting: Use expanded labels in dashboard annotations.
#45726, @grobinson-grafana
* Logs: Escape windows newline into single newline. #45771,
@perosb
+ Bug fixes (8.4.3):
* Alerting: Fix use of > instead of >= when checking the For
duration. #46011, @grobinson-grafana
* Azure Monitor: Fixes broken log queries that use workspace.
#45820, @sunker
* CloudWatch: Remove error message when using multi-valued
template vars in region field. #45886, @sunker
* Middleware: Fix IPv6 host parsing in CSRF check. #45911,
@ying-jeanne
+ Plugin development fixes & changes (8.4.3):
* ClipboardButton: Use a fallback when the Clipboard API is
unavailable. #45831, @ashharrison90
+ Features and enhancements (8.4.2):
* OAuth: Add setting to skip org assignment for external
users. #34834, @baez90
* Tracing: Add option to map tag names to log label names in
trace to logs settings. #45178, @connorlindsey
+ Bug fixes (8.4.2):
* Explore: Fix closing split pane when logs panel is
used. #45602, @ifrost
+ Features and enhancements (8.4.1):
* Cloudwatch: Add support for AWS/PrivateLink* metrics and
dimensions. #45515, @szymonpk
* Configuration: Add ability to customize okta login button
name and icon. #44079, @DanCech
* Tempo: Switch out Select with AsyncSelect component to get
loading state in Tempo Search. #45110, @CatPerry
+ Bug fixes (8.4.1):
* Alerting: Fix migrations by making send_alerts_to field
nullable. #45572, @santihernandezc
+ Features and enhancements (8.4.0):
* API: Extract OpenAPI specification from source code using
go-swagger. #40528, @papagian
* AccessControl: Disable user remove and user update roles when
they do not have the permissions. #43429, @Jguer
* AccessControl: Provisioning for teams. #43767, @gamab
* API: Add usage stats preview endpoint. #43899, @Jguer
* Alerting: Move slow queries in the scheduler to another
goroutine. #44423, @grobinson-grafana
* Alerting: Use time.Ticker instead of alerting.Ticker in
ngalert. #44395, @grobinson-grafana
* Alerting: add custom grouping to Alert Panel. #44559,
* Analytics: Add user id tracking to google analytics.
#42763, @autoric
* Angular: Add AngularJS plugin support deprecation plan to
docs site. #45149, @torkelo
* Auth: implement auto_sign_up for auth.jwt. #43502, @sakjur
* Azure Monitor Logs: Order subscriptions in resource picker by
name. #45228, @sunker
* Azure monitor Logs: Optimize data fetching in resource
picker. #44549, @sunker
* AzureMonitor: Filter list of resources by resourceType.
#43522, @andresmgot
* BarChart: color by field, x time field, bar radius, label
skipping. #43257, @leeoniya
* Chore: Implement OpenTelemetry in Grafana. #42674, @idafurjes
* Cloud Monitoring: Adds metric type to Metric drop down
options. #43268, @tw1nk
* CloudWatch: Add Data Lifecycle Manager metrics and dimension.
#43310, @ilyastoli
* CloudWatch: Add Missing Elasticache Host-level metrics.
#43455, @dhendo
* CloudWatch: Add all ElastiCache Redis Metrics. #43336,
@siavashs
* CloudWatch: Add new AWS/ES metrics. #43034, @sunker
* Cloudwatch: Add syntax highlighting and autocomplete for
'Metric Search'. #43985, @sarahzinger
* Explore: Support custom display label for exemplar links for
Prometheus datasource. #42732, @JokerQueue
* Hotkeys: Make time range absolute/permanent. #43802, @davkal
* Playlists: Enable sharing direct links to playlists. #44161,
* SQLStore: Prevent concurrent migrations. #44101, @papagian
* SSE: Add Mode to drop NaN/Inf/Null in Reduction operations.
#43583, @kylebrandt
* Setting: Support configuring feature toggles with bools
instead of just passing an array. #43326, @bergquist
* TimeSeries: Add support for negative Y and constant
transform. #44774, @dprokop
* Transformations: Add 'JSON' field type to
ConvertFieldTypeTransformer. #42624, @sd2k
+ Bug fixes (8.4.0):
* Auth: Guarantee consistency of signed SigV4 headers.
#45054, @wbrowne
* CloudWatch: Fix MetricName resetting on Namespace change.
#44165, @yaelleC
* Cloudwatch : Fixed reseting metric name when changing
namespace in Metric Query. #44612, @yaelleC
* Explore: Avoid locking timepicker when range is inverted.
#44790, @Elfo404
* Instrumentation: Fix HTTP request instrumentation of
authentication failures. #44234, @marefr
* LibraryPanels: Prevent long descriptions and names from
obscuring the delete button. #45190, @zuchka
* OAuth: Fix parsing of ID token if header contains non-string
value. #44159, @marefr
* Panel Edit: Visualization search now works correctly with
special characters. #45137, @ashharrison90
* Provisioning: Fix duplicate validation when multiple
organizations have been configured. #44151, @marefr
* QueryField: Fix issue with undo history when suggestion is
inserted (#28656). #39114, @glintik
* TablePanel: Do not prefix columns with frame name if multiple
frames and override active. #45174, @mdvictor
+ Deprecations (8.4.0):
AngularJS plugin support is now in a deprecated state, meaning
it will be removed in a future release. Currently, that is
planned for version 10 (in 2023). The documentation site has an
article with more details on why, when, and how. Issue #45149
- Update to version 8.3.10
+ Security:
* Fixes XSS vulnerability in the Unified Alerting
(bsc#1201535, CVE-2022-31097)
* Fixes OAuth account takeover vulnerability
(bsc#1201539, CVE-2022-31107)
- Update to version 8.3.9
+ Bug fixes:
* Geomap: Display legend
* Prometheus: Fix timestamp truncation
- Update to version 8.3.7
* Provisioning: Ensure that the default value for orgID is set
when provisioning datasources to be deleted.
- Update to version 8.3.6
* Cloud Monitoring: Reduce request size when listing labels.
* Explore: Show scalar data result in a table instead of graph.
* Snapshots: Updates the default external snapshot server URL.
* Table: Makes footer not overlap table content.
* Tempo: Add request histogram to service graph datalink.
* Tempo: Add time range to tempo search query behind a feature flag.
* Tempo: Auto-clear results when changing query type.
* Tempo: Display start time in search results as relative time.
* CloudMonitoring: Fix resource labels in query editor.
* Cursor sync: Apply the settings without saving the dashboard.
* LibraryPanels: Fix for Error while cleaning library panels.
* Logs Panel: Fix timestamp parsing for string dates without timezone.
* Prometheus: Fix some of the alerting queries that use reduce/math operation.
* TablePanel: Fix ad-hoc variables not working on default datasources.
* Text Panel: Fix alignment of elements.
* Variables: Fix for constant variables in self referencing links.
- Update _constraints to require at least 5GB, because with less we
can't build it.
- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422,
jsc#SLE-24565)
+ Security: Fixes CVE-2021-43813 and CVE-2021-43815,
bsc#1193686.
+ Security: Fixes CVE-2021-43798, bsc#1193492.
+ Security: Fixes CVE-2021-41244, bsc#1192763.
+ Security: Fixes CVE-2021-41174, bsc#1192383.
fix CVE-2021-3711, bsc#1189520.
* Security: Update dependencies to fix CVE-2021-36222,
bsc#1188571.
mgr-push:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.6-1
* Remove unused makefiles
- Version 4.4.5-1
* Use http to connect to localhost server
* Use bundle CA certificate in rhnpush
- Version 4.4.4-1
* remove pylint check at build time
- Version 4.4.3-1
* Ensure installation of make for building
- Version 4.4.2-1
* Update translation strings
- Version 4.4.1-1
* Bump version to 4.4.0
prometheus-blackbox_exporter:
- Use obscpio for go modules service
- Set version number
- Set build date from SOURCE_DATE_EPOCH
- Update to 0.24.0 (bsc#1212279, jsc#PED-4556)
* Requires go1.19
- Drop:
- Avoid empty validation script
- Add rc symlink for backwards compatibility
- Fix authentication bypass via cache poisoning
(CVE-2022-46146, bsc#1208062)
- Add `min_version` parameter of `tls_config` to allow enabling
TLS 1.0 and 1.1 (bsc#1209113)
- On SUSE Linux Enterprise build always with Go >= 1.19 (bsc#1203599)
- Build with go1.18 only for SLE-15-SP3 and
build with >= go1.19 on higher SP (bsc#1203599)
- Require go1.18 (bsc#1203599, GH#19127)
- Exclude s390 arch
- Fix %pre section to avoid empty content
- Updated to allow building on older rpmbuild.
- Enhanced to build on Enterprise Linux 8
prometheus-postgres_exporter:
- CVE-2022-46146: Fix authentication bypass via cache poisoning (bsc#1208060)
- Remove duplicated call to systemd requirements
- Do not build debug if RHEL >= 8
- Do not strip if SUSE Linux Enterprise 15 SP3
- Build at least with with Go >= 1.18 on RHEL
- Build with Go >= 1.20 elsewhere
- Adapt the systemd service security configuration
to be able to start it on RHEL systems and clones
- Create the prometheus user for RHEL systems and clones
- Fix _service to pull correct version
- Use go_modules source service
- Upgrade to version 0.10.1:
* Fix broken log-level for values other than debug (bsc#1208965)
- Version/release lines above first usage of those macros.
gh#uyuni-project/uyuni#5418
- Prevent empty %pre section
- Exclude s390 builds
- Updated for RHEL8.
python-hwdata:
- Declare the LICENSE file as license and not doc
python-pyvmomi:
- Preparing submission to SUSE:SLE-15-SP3:Update as part of ECO PED-3623.
rhnlib:
- Version 5.0.1-1
* Specify a packager for Debian like distros
- Version 4.4.6-1
* Remove unused makefiles
- Version 4.4.5-1
* Use bundle CA certificate in rhnpush
- Version 4.4.4-1
* Only use TLSv1+ for SSL connections
- Version 4.4.3-1
* Ensure installation of make for building
- Version 4.4.2-1
* Don't get stuck at the end of SSL transfers (bsc#1204032)
- Version 4.4.1-1
* Bump version to 4.4.0
spacecmd:
- Version 5.0.1-1
* Use localhost without ssl when running on the server
- Version 4.4.10-1
* Update translation strings
- Version 4.4.9-1
- Version 4.4.8-1
* Add spacecmd function: cryptokey_update
* Bypass traditional systems check on older SUMA instances (bsc#1208612)
* fix argument parsing of distribution_update (bsc#1210458)
- Version 4.4.7-1
* remove pylint check at build time
* Display activation key details after executing the corresponding command (bsc#1208719)
* Show targetted packages before actually removing them (bsc#1207830)
- Version 4.4.6-1
* Fix spacecmd not showing any output for softwarechannel_diff
and softwarechannel_errata_diff (bsc#1207352)
- Version 4.4.5-1
* Prevent string api parameters to be parsed as dates if not in
ISO-8601 format (bsc#1205759)
* Add python-dateutil dependency, required to process date values in
spacecmd api calls
* Remove python3-simplejson dependency
- Version 4.4.4-1
* Correctly understand 'ssm' keyword on scap scheduling
* Add vendor_advisory information to errata_details call (bsc#1205207)
* Change default port of 'Containerized Proxy configuration' 8022
- Version 4.4.3-1
* Added two missing options to schedule product migration: allow-vendor-change
and remove-products-without-successor (bsc#1204126)
* Changed schedule product migration to use the correct API method
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
* Added a warning message for traditional stack deprecation
* Remove 'Undefined return code' from debug messages (bsc#1203283)
- Version 4.4.2-1
* Stop always showing help for valid proxy_container_config calls
- Version 4.4.1-1
* Process date values in spacecmd api calls (bsc#1198903)
* Improve Proxy FQDN hint message
- Version 4.3.14-1
* Fix missing argument on system_listmigrationtargets (bsc#1201003)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
* Change proxy container config default filename to end with tar.gz
- Version 4.3.13-1
- Version 4.3.12-1
- Version 4.3.11-1
* on full system update call schedulePackageUpdate API (bsc#1197507)
spacewalk-client-tools:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.7-1
* Remove unused and deprecated/removed platform.dist import.
- Version 4.4.6-1
* Update translation strings
* Tito requires to list the package source as %{name}-%{version}.tar.gz
- Version 4.4.5-1
* remove mgr-virtualization usage
* remove dependency to suseRegisterInfo
- Version 4.4.4-1
- Version 4.4.3-1
- Version 4.4.2-1
- Version 4.4.1-1
- Version 4.3.11-1
- Version 4.3.10-1
supportutils-plugin-salt:
- Update to version 1.2.2
* Remove possible passwords from Salt configuration files (bsc#1201059)
- Update to version 1.2.1
* Remove ERROR messages on Salt client systems
- Declare the LICENSE file as license and not doc
- Update to version 1.2.0
* Add support for Salt Bundle
supportutils-plugin-susemanager-client:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.2-1
* write configured crypto-policy in supportconfig
* add cloud and payg checks
- Version 4.4.1-1
* Bump version to 4.4.0
- Version 4.3.2-1
* Add proxy containers config and logs
uyuni-common-libs:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.4-1
* Workaround for python3-debian bug about collecting control file (bsc#1211525, bsc#1208692)
* Accept missing rhn.conf file
* Use context manager for apache users in fileutils.py.
- Version 4.4.3-1
* Ensure installation of make for building.
* Use versioned Python during packaging.
- Version 4.4.2-1
* unify user notification code on java side
- Version 4.4.1-1
* Do not allow creating path if nonexistent user or group in fileutils.
- Version 4.3.5-1
* Fix reposync issue about 'rpm.hdr' object has no attribute 'get'
uyuni-proxy-systemd-services:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.2-1
* Fix script for allowing using container images from different registry paths
* Allow using container images from different registry paths
- Version 4.4.1-1
* Expose /etc/sysconfig/proxy variables to container services (bsc#1202945)
- Version 4.3.6-1
* Expose port 80 (bsc#1200142)
* Use volumes rather than bind mounts
* TFTPD to listen on udp port (bsc#1200968)
* Add TAG variable in configuration
- Version 4.3.5-1
* Fix containers namespaces in configuration
- Version 4.3.4-1
* Rename container_images_path specfile macro to less generic one
- Version 4.3.3-1
* Default to SUSE Manager images only when installed from SUSE Manager
Patchnames
SUSE-2024-196,SUSE-SLE-Manager-Tools-15-BETA-2024-196,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-196
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security Beta update for SUSE Manager Client Tools and Salt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nansible:\n\n- Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133)\n * bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive\n info in traceback error message (in 2.9.27)\n * bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line\n strings with ansible facts used in template. (in 2.9.23)\n * bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in\n ansible 2.9.13 (in 2.9.15)\n- Update to 2.9.22:\n * CVE-2021-3447 (bsc#1183684) multiple modules expose secured values \n * CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option\n * CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values\n * CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values\n * CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module\n\ndracut-saltboot:\n\n- Update to version 0.1.1681904360.84ef141 \n * Load network configuration even when missing protocol version\n (bsc#1210640)\n- Update to verion 0.1.1674034019.a93ff61\n * Install copied wicked config as client.xml (bsc#1205599)\n- Update to version 0.1.1673279145.e7616bd\n * Add failsafe stop file when salt-minion does not stop (bsc#1172110)\n * Copy existing wicked config instead of generating new (bsc#1205599)\n- Update to version 0.1.1665997480.587fa10\n * Add dependencies on xz and gzip to support compressed images\n- Update to version 0.1.1661440542.6cbe0da\n * Use standard susemanager.conf\n * Move image services to dracut-saltboot package\n * Use salt bundle\n- Require e2fsprogs (bsc#1202614)\n- Update to version 0.1.1657643023.0d694ce\n * Update dracut-saltboot dependencies (bsc#1200970)\n * Fix network loading when ipappend is used in pxe config\n * Add new information messages\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Remove license file from %doc\n- Exclude s390 arch \n- Adapted to build on Enterprise Linux.\n- Fix build for RedHat 7\n- Require Go \u003e= 1.14 also for CentOS\n- Add support for CentOS\n- Replace %{?systemd_requires} with %{?systemd_ordering}\n\ngolang-github-boynux-squid_exporter:\n\n- Exclude s390 architecture (gh#SUSE/spacewalk#19050)\n- Enhanced to build on Enterprise Linux 8.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Exclude debug for RHEL \u003e= 8\n- Build with Go \u003e= 1.20 when the OS is not RHEL\n- Spec file clean up\n- Fix apparmor profile for SLE 12\n- Do not build with apparmor profile for SLE 12\n- Upgrade to version 1.0.0 (jsc#PED-5405)\n * Improved flag parsing\n * Added support for custom headers\n- Build with Go 1.19\n- Build using promu\n- Add _service file\n- Fix sandboxing options\n- Upgrade to version 0.13.4\n * Fix denial of service vulnerability\n (CVE-2022-32149, bsc#1204501)\n- Upgrade to version 0.13.3\n * Fix uncontrolled resource consumption\n (CVE-2022-41723, bsc#1208270)\n- Upgrade to version 0.13.1\n * Fix panic caused by missing flagConfig options\n- Upgrade to version 0.13.0\n * Fix authentication bypass vulnarability\n (CVE-2022-46146, bsc#1208046)\n- Corrected comment in AppArmor profile\n- Added AppArmor profile\n- Added sandboxing options to systemd service unit\n- Exclude s390 architecture (gh#SUSE/spacewalk#19050)\n- Update to upstream release 0.11.0 (jsc#SLE-24791)\n * Add TLS support\n * Switch to logger, please check --log.level and --log.format\n flags\n- Update to version 0.10.1\n * Bugfix: Reset ProxyBalancer metrics on each scrape to\n remove stale data\n- Update to version 0.10.0\n * Add Apache Proxy and other metrics\n- Update to version 0.8.0\n * Change commandline flags\n * Add metrics: Apache version, request duration total\n- Adapted to build on Enterprise Linux 8\n- Require building with Go 1.15\n- Add support for RedHat 8\n + Adjust dependencies on spec file \n + Disable dwarf compression in go build\n- Add support for Red Hat\n- Add %license macro for LICENSE file \n\ngolang-github-prometheus-prometheus:\n\n- Update to 2.45.0 (jsc#PED-5406):\n * [FEATURE] API: New limit parameter to limit the number of items\n returned by `/api/v1/status/tsdb` endpoint. \n * [FEATURE] Config: Add limits to global config. \n * [FEATURE] Consul SD: Added support for `path_prefix`. \n * [FEATURE] Native histograms: Add option to scrape both classic\n and native histograms. \n * [FEATURE] Native histograms: Added support for two more\n arithmetic operators `avg_over_time` and `sum_over_time`.\n * [FEATURE] Promtool: When providing the block id, only one block\n will be loaded and analyzed. \n * [FEATURE] Remote-write: New Azure ad configuration to support\n remote writing directly to Azure Monitor workspace. \n * [FEATURE] TSDB: Samples per chunk are now configurable with\n flag `storage.tsdb.samples-per-chunk`. By default set to its\n former value 120. \n * [ENHANCEMENT] Native histograms: bucket size can now be limited\n to avoid scrape fails. \n * [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL\n sooner. \n * [BUGFIX] Native histograms: ChunkSeries iterator now checks if\n a new sample can be appended to the open chunk. \n * [BUGFIX] Native histograms: Fix Histogram Appender\n `Appendable()` segfault. \n * [BUGFIX] Native histograms: Fix setting reset header to gauge\n histograms in seriesToChunkEncoder. \n * [BUGFIX] TSDB: Tombstone intervals are not modified after Get()\n call. \n * [BUGFIX] TSDB: Use path/filepath to set the WAL directory.\n- Update to 2.44.0:\n * [FEATURE] Remote-read: Handle native histograms. \n * [FEATURE] Promtool: Health and readiness check of prometheus\n server in CLI. \n * [FEATURE] PromQL: Add `query_samples_total` metric, the total\n number of samples loaded by all queries.\n * [ENHANCEMENT] Storage: Optimise buffer used to iterate through\n samples.\n * [ENHANCEMENT] Scrape: Reduce memory allocations on target\n labels.\n * [ENHANCEMENT] PromQL: Use faster heap method for `topk()` /\n `bottomk()`.\n * [ENHANCEMENT] Rules API: Allow filtering by rule name.\n * [ENHANCEMENT] Native Histograms: Various fixes and\n improvements.\n * [ENHANCEMENT] UI: Search of scraping pools is now\n case-insensitive.\n * [ENHANCEMENT] TSDB: Add an affirmative log message for\n successful WAL repair.\n * [BUGFIX] TSDB: Block compaction failed when shutting down.\n * [BUGFIX] TSDB: Out-of-order chunks could be ignored if the\n write-behind log was deleted.\n- Update to 2.43.1\n * [BUGFIX] Labels: Set() after Del() would be ignored, which\n broke some relabeling rules.\n- Update to 2.43.0:\n * [FEATURE] Promtool: Add HTTP client configuration to query\n commands.\n * [FEATURE] Scrape: Add `include_scrape_configs` to include\n scrape configs from different files.\n * [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from\n proxied requests.\n * [FEATURE] HTTP client: Add `proxy_from_enviroment` to read\n proxies from env variables.\n * [ENHANCEMENT] API: Add support for setting lookback delta per\n query via the API.\n * [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499\n if a request is canceled.\n * [ENHANCEMENT] Scrape: Allow exemplars for all metric types.\n * [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders\n size.\n * [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot\n with index that is ahead of WAL.\n * [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to\n be more comprehensible.\n * [ENHANCEMENT] UI: Scope `group by` labels to metric in\n autocompletion.\n * [BUGFIX] Scrape: Fix\n `prometheus_target_scrape_pool_target_limit` metric not set\n before reloading.\n * [BUGFIX] TSDB: Correctly update\n `prometheus_tsdb_head_chunks_removed_total` and\n `prometheus_tsdb_head_chunks` metrics when reading WAL.\n * [BUGFIX] TSDB: Use the correct unit (seconds) when recording\n out-of-order append deltas in the\n `prometheus_tsdb_sample_ooo_delta` metric.\n- Update to 2.42.0:\n This release comes with a bunch of feature coverage for native\n histograms and breaking changes.\n If you are trying native histograms already, we recommend you\n remove the `wal` directory when upgrading.\n Because the old WAL record for native histograms is not\n backward compatible in v2.42.0, this will lead to some data\n loss for the latest data.\n Additionally, if you scrape \u0027float histograms\u0027 or use recording\n rules on native histograms in v2.42.0 (which writes float\n histograms), it is a one-way street since older versions do not\n support float histograms.\n * [CHANGE] **breaking** TSDB: Changed WAL record format for the\n experimental native histograms.\n * [FEATURE] Add \u0027keep_firing_for\u0027 field to alerting rules.\n * [FEATURE] Promtool: Add support of selecting timeseries for\n TSDB dump.\n * [ENHANCEMENT] Agent: Native histogram support.\n * [ENHANCEMENT] Rules: Support native histograms in recording\n rules.\n * [ENHANCEMENT] SD: Add container ID as a meta label for pod\n targets for Kubernetes.\n * [ENHANCEMENT] SD: Add VM size label to azure service\n discovery.\n * [ENHANCEMENT] Support native histograms in federation.\n * [ENHANCEMENT] TSDB: Add gauge histogram support.\n * [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that\n represents buckets as float64 values.\n * [ENHANCEMENT] UI: Show individual scrape pools on /targets\n page.\n- Update to 2.41.0:\n * [FEATURE] Relabeling: Add keepequal and dropequal relabel\n actions.\n * [FEATURE] Add support for HTTP proxy headers. \n * [ENHANCEMENT] Reload private certificates when changed on disk.\n * [ENHANCEMENT] Add max_version to specify maximum TLS version in\n tls_config.\n * [ENHANCEMENT] Add goos and goarch labels to\n prometheus_build_info.\n * [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.\n * [ENHANCEMENT] SD: Add new metric\n prometheus_sd_file_watcher_errors_total.\n * [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.\n * [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in\n iterators.\n * [ENHANCEMENT] TSDB: Optimize postings offset table reading.\n * [BUGFIX] Scrape: Validate the metric name, label names, and\n label values after relabeling.\n * [BUGFIX] Remote Write receiver and rule manager: Fix error\n handling.\n- Update to 2.40.7:\n * [BUGFIX] TSDB: Fix queries involving negative buckets of native\n histograms.\n- Update to 2.40.5:\n * [BUGFIX] TSDB: Fix queries involving native histograms due to\n improper reset of iterators.\n- Update to 2.40.3:\n * [BUGFIX] TSDB: Fix compaction after a deletion is called.\n- Update to 2.40.2:\n * [BUGFIX] UI: Fix black-on-black metric name color in dark mode.\n- Update to 2.40.1:\n * [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit\n architecture.\n * [BUGFIX] Scrape: Fix accept headers.\n- Update to 2.40.0:\n * [FEATURE] Add experimental support for native histograms.\n Enable with the flag --enable-feature=native-histograms.\n * [FEATURE] SD: Add service discovery for OVHcloud.\n * [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.\n * [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved\n sorting speed.\n * [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds\n __meta_consul_partition label. Adds partition config in\n consul_sd_config.\n * [BUGFIX] API: Fix API error codes for /api/v1/labels and\n /api/v1/series.\n- Update to 2.39.1:\n * [BUGFIX] Rules: Fix notifier relabel changing the labels on\n active alerts.\n- Update to 2.39.0:\n * [FEATURE] experimental TSDB: Add support for ingesting\n out-of-order samples. This is configured via\n out_of_order_time_window field in the config file; check config\n file docs for more info.\n * [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also\n respond to a HEAD request on top of existing GET support.\n * [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.\n * [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.\n * [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region\n label.\n * [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.\n * [ENHANCEMENT] TSDB: Improve WAL replay timings.\n * [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary\n data in the memory.\n * [ENHANCEMENT] TSDB: Allow overlapping blocks by default.\n --storage.tsdb.allow-overlapping-blocks now has no effect.\n * [ENHANCEMENT] UI: Click to copy label-value pair from query\n result to clipboard.\n * [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a\n memory leak.\n * [BUGFIX] TSDB: Fix \u0027invalid magic number 0\u0027 error on Prometheus\n startup.\n * [BUGFIX] PromQL: Properly close file descriptor when logging\n unfinished queries.\n * [BUGFIX] Agent: Fix validation of flag options and prevent WAL\n from growing more than desired.\n- Update to 2.38.0:\n * [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint\n that allows pretty-formatting PromQL expressions.\n * [FEATURE]: UI: Add support for formatting PromQL expressions in\n the UI.\n * [FEATURE]: DNS SD: Support MX records for discovering targets.\n * [FEATURE]: Templates: Add toTime() template function that\n allows converting sample timestamps to Go time.Time values.\n * [ENHANCEMENT]: Kubernetes SD: Add\n __meta_kubernetes_service_port_number meta label indicating the\n service port number.\n __meta_kubernetes_pod_container_image meta label indicating the\n container image.\n * [ENHANCEMENT]: PromQL: When a query panics, also log the query\n itself alongside the panic message.\n * [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve\n the contrast ratio.\n * [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding\n locks and using atomic types instead.\n * [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature\n flag, which omits or removes any default HTTP (:80) or HTTPS\n (:443) ports in the target\u0027s scrape address.\n * [BUGFIX]: TSDB: In the WAL watcher metrics, expose the\n type=\u0027exemplar\u0027 label instead of type=\u0027unknown\u0027 for exemplar\n records.\n * [BUGFIX]: TSDB: Fix race condition around allocating series IDs\n during chunk snapshot loading.\n- Remove npm_licenses.tar.bz2 during \u0027make clean\u0027\n- Remove web-ui archives during \u0027make clean\u0027.\n- Require promu \u003e= 0.14.0 for building\n- Drop:\n- Upgrade to version 2.37.6\n * Require Go 1.19\n- Upgrade to version 2.37.5\n * [SECURITY] Security upgrade from go and upstream dependencies\n that include security fixes to the net/http and os packages.\n- Upgrade to version 2.37.4\n * [SECURITY] Fix basic authentication bypass vulnerability\n (CVE-2022-46146, bsc#1208049, jsc#PED-3576).\n- Upgrade to version 2.37.3\n * [BUGFIX] Update our regexp library to fix upstream\n CVE-2022-41715.\n- Upgrade to version 2.37.2\n- Upgrade to version 2.37.1\n * [BUGFIX] Properly close file descriptor when logging unfinished\n queries.\n * [BUGFIX] TSDB: In the WAL watcher metrics, expose the\n- Upgrade to version 2.37.0\n * [FEATURE] Nomad SD: New service discovery for Nomad built-in\n service discovery.\n * [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for\n endpoint role.\n * [ENHANCEMENT] PromQL: Optimise creation of signature\n with/without labels.\n * [ENHANCEMENT] TSDB: Memory optimizations.\n * [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.\n * [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent\n header.\n * [BUGFIX] Alerting: Fix Alertmanager targets not being updated\n when alerts were queued.\n * [BUGFIX] Hetzner SD: Make authentication files relative to\n Prometheus config file.\n * [BUGFIX] Promtool: Fix promtool check config not erroring\n properly on failures.\n * [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on\n reloads.\n * [BUGFIX] TSDB: Don\u0027t increment\n prometheus_tsdb_compactions_failed_total when context is\n canceled.\n * [BUGFIX] TSDB: Fix panic if series is not found when deleting\n series.\n * [BUGFIX] TSDB: Increase\n prometheus_tsdb_mmap_chunk_corruptions_total on out of sequence\n errors.\n * [BUGFIX] Uyuni SD: Make authentication files relative to\n Prometheus configuration file and fix default configuration\n values.\n- Upgrade to version 2.36.2\n * [BUGFIX] Fix serving of static assets like fonts and favicon.\n- Upgrade to version 2.36.1\n * [BUGFIX] promtool: Add --lint-fatal option.\n- Upgrade to version 2.36.0\n * [FEATURE] Add lowercase and uppercase relabel action.\n * [FEATURE] SD: Add IONOS Cloud integration.\n * [FEATURE] SD: Add Vultr integration.\n * [FEATURE] SD: Add Linode SD failure count metric.\n * [FEATURE] Add prometheus_ready metric.\n * [ENHANCEMENT] Add stripDomain to template function.\n * [ENHANCEMENT] UI: Enable active search through dropped targets.\n * [ENHANCEMENT] promtool: support matchers when querying label\n * [ENHANCEMENT] Add agent mode identifier.\n * [BUGFIX] Changing TotalQueryableSamples from int to int64.\n * [BUGFIX] tsdb/agent: Ignore duplicate exemplars.\n * [BUGFIX] TSDB: Fix chunk overflow appending samples at a\n variable rate.\n * [BUGFIX] Stop rule manager before TSDB is stopped.\n- Upgrade to version 2.35.0\n * [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.\n * [CHANGE] promtool: Add new flag --lint (enabled by default) for\n the commands check rules and check config, resulting in a new\n exit code (3) for linter errors.\n * [FEATURE] Support for automatically setting the variable\n GOMAXPROCS to the container CPU limit. Enable with the flag\n --enable-feature=auto-gomaxprocs.\n * [FEATURE] PromQL: Extend statistics with total and peak number\n of samples in a query. Additionally, per-step statistics are\n available with --enable-feature=promql-per-step-stats and using\n stats=all in the query API. Enable with the flag\n --enable-feature=per-step-stats.\n * [ENHANCEMENT] TSDB: more efficient sorting of postings read from\n WAL at startup.\n * [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.\n * [ENHANCEMENT] Azure SD: Add an optional resource_group\n configuration.\n * [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1\n EndpointSlice (previously only discovery.k8s.io/v1beta1\n EndpointSlice was supported).\n * [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to\n discovered pods.\n * [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch\n OAuth2 tokens.\n * [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.\n * [ENHANCEMENT] Config: Support overriding minimum TLS version.\n * [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.\n * [BUGFIX] Fix OpenMetrics parser to sort uppercase labels\n correctly.\n * [BUGFIX] UI: Fix scrape interval and duration tooltip not\n showing on target page.\n * [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is\n false.\n * [BUGFIX] Agent: Fix ID collision when loading a WAL with\n multiple segments.\n * [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing\n the queue.\n- Upgrade to version 2.34.0\n * [CHANGE] UI: Classic UI removed.\n * [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based\n tracing.\n * [ENHANCEMENT] TSDB: Disable the chunk write queue by default and\n allow configuration with the experimental flag\n --storage.tsdb.head-chunks-write-queue-size.\n * [ENHANCEMENT] HTTP SD: Add a failure counter.\n * [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.\n * [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.\n * [ENHANCEMENT] Scrape: Log when an invalid media type is\n encountered during a scrape.\n * [ENHANCEMENT] Scrape: Accept\n application/openmetrics-text;version=1.0.0 in addition to\n version=0.0.1.\n * [ENHANCEMENT] Remote-read: Add an option to not use external\n labels as selectors for remote read.\n * [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.\n * [ENHANCEMENT] UI: Improve graph colors that were hard to see.\n * [ENHANCEMENT] Config: Allow escaping of $ with $$ when using\n environment variables with external labels.\n * [BUGFIX] PromQL: Properly return an error from\n histogram_quantile when metrics have the same labelset.\n * [BUGFIX] UI: Fix bug that sets the range input to the\n resolution.\n * [BUGFIX] TSDB: Fix a query panic when\n memory-snapshot-on-shutdown is enabled.\n * [BUGFIX] Parser: Specify type in metadata parser errors.\n * [BUGFIX] Scrape: Fix label limit changes not applying.\n- Upgrade to version 2.33.5\n * [BUGFIX] Remote-write: Fix deadlock between adding to queue and\n getting batch.\n- Upgrade to version 2.33.4\n * [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the\n disk.\n- Upgrade to version 2.33.3\n * [BUGFIX] Azure SD: Fix a regression when public IP Address isn\u0027t\n set.\n- Upgrade to version 2.33.2\n * [BUGFIX] Azure SD: Fix panic when public IP Address isn\u0027t set.\n * [BUGFIX] Remote-write: Fix deadlock when stopping a shard.\n- Upgrade to version 2.33.1\n * [BUGFIX] SD: Fix no such file or directory in K8s SD when not\n running inside K8s.\n- Upgrade to version 2.33.0\n * [CHANGE] PromQL: Promote negative offset and @ modifer to stable\n features.\n * [CHANGE] Web: Promote remote-write-receiver to stable.\n * [FEATURE] Config: Add stripPort template function.\n * [FEATURE] Promtool: Add cardinality analysis to check metrics,\n enabled by flag --extended.\n * [FEATURE] SD: Enable target discovery in own K8s namespace.\n * [FEATURE] SD: Add provider ID label in K8s SD.\n * [FEATURE] Web: Add limit field to the rules API.\n * [ENHANCEMENT] Remote-write: Avoid allocations by buffering\n concrete structs instead of interfaces.\n * [ENHANCEMENT] Remote-write: Log time series details for\n out-of-order samples in remote write receiver.\n * [ENHANCEMENT] Remote-write: Shard up more when backlogged.\n * [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar\n ingest performance.\n * [ENHANCEMENT] TSDB: Avoid allocations when popping from the\n intersected postings heap.\n * [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding\n latency spikes in remote-write.\n * [ENHANCEMENT] TSDB: Improve label matching performance.\n * [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.\n * [ENHANCEMENT] UI: Optimize the target page and add a search bar.\n * [BUGFIX] Promtool: Make exit codes more consistent.\n * [BUGFIX] Promtool: Fix flakiness of rule testing.\n * [BUGFIX] Remote-write: Update\n prometheus_remote_storage_queue_highest_sent_timestamp_seconds\n metric when write irrecoverably fails.\n * [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.\n * [BUGFIX] TSDB: CompactBlockMetas should produce correct\n mint/maxt for overlapping blocks.\n * [BUGFIX] TSDB: Fix logging of exemplar storage size.\n * [BUGFIX] UI: Fix overlapping click targets for the alert state\n checkboxes.\n * [BUGFIX] UI: Fix Unhealthy filter on target page to actually\n display only Unhealthy targets.\n * [BUGFIX] UI: Fix autocompletion when expression is empty.\n * [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.\n- Fix authentication bypass by updating Prometheus Exporter Toolkit\n to version 0.7.3 (CVE-2022-46146, bsc#1208049)\n- Fix uncontrolled resource consumption by updating Go to version\n 1.20.1 (CVE-2022-41723, bsc#1208298)\n- Restructure the spec to build web assets online\n * Makefile\n\ngrafana:\n\n- Update to version 9.5.8:\n * Features and enhancements\n GenericOAuth: Set sub as auth id\n * Bug fixes:\n DataSourceProxy: Fix url validation error handling\n- Update to version 9.5.7:\n Alerting: Sort NumberCaptureValues in EvaluationString\n Alerting: Improve performance of matching captures\n Alerting: No longer silence paused alerts during legacy\n migration\n Alerting: Remove and revert flag alertingBigTransactions\n Alerting: Migrate unknown NoData\\Error settings to the default\n Tracing: supply Grafana build version\n Tempo: Escape regex-sensitive characters in span name before\n building promql query\n Plugins: Only configure plugin proxy transport once\n Alerting: Fix unique violation when updating rule group with\n title chains/cycles\n Prometheus: Version detect bug\n Prometheus: Fix heatmap format with no data\n Database: Change getExistingDashboardByTitleAndFolder to get\n dashboard by title, not slug \n Alerting: Convert \u0027Both\u0027 type Prometheus queries to \u0027Range\u0027 in\n SQLStore: Fix Postgres dialect treating \u0027false\u0027 migrator\n default as true\n Alerting: Support newer http_config struct\n InfluxDB: Interpolate retention policies\n StatusHistory: Fix rendering of value-mapped null\n Alerting: Fix provenance guard checks for Alertmanager\n configuration to not cause panic when compared nested\n objects\n AnonymousAuth: Fix concurrent read-write crash\n AzureMonitor: Ensure legacy properties containing template\n variables are correctly migrated\n Explore: Remove data source onboarding page\n Dashboard: Re-align Save form\n Azure Monitor: Fix bug that did not show alert rule preview\n Histogram: Respect min/max panel settings for x-axis\n Heatmap: Fix color rendering for value ranges \u003c 1\n Heatmap: Handle unsorted timestamps in calculate mode\n Google Cloud Monitor: Fix mem usage for dropdown\n AzureMonitor: Fix logs query multi-resource and timespan values\n Utils: Reimplement util.GetRandomString to avoid modulo bias\n Alerting: Fix matching labels with spaces in their values\n Dashboard: Fix applying timezone to datetime variables\n Dashboard: Fix panel description event triggering every time\n panel is rendered\n Tempo: Fix get label values based on CoreApp type\n Heatmap: Fix log scale editor\n Dashboard: Fix disappearing panel when viewed panel is\n refreshed\n Prometheus: Fix bug in creating autocomplete queries with\n labels\n Prometheus: Fix Query Inspector expression range value\n Alerting: Fix migration failing if alert_configuration table is\n not empty\n InfluxDB: Fix querying retention policies on flux mode\n- Update to version 9.5.6:\n * Bug fixes\n Dashboard: Fix library panels in collapsed rows not getting\n updated\n Auth: Add and document option for enabling email lookup\n- Update to version 9.5.5:\n Security: Fix authentication bypass using Azure AD OAuth\n (bsc#1212641, CVE-2023-3128, jsc#PED-3694).\n Auth: Show invite button if disable login form is set to false.\n Azure: Fix Kusto auto-completion for Azure datasources.\n RBAC: Remove legacy AC editor and admin role on new dashboard\n route.\n API: Revert allowing editors to access GET /datasources. \n Settings: Add ability to override skip_org_role_sync with Env\n variables.\n- Update to version 9.5.3:\n Query: Prevent crash while executing concurrent mixed queries\n (bsc#1212099, CVE-2023-2801).\n Alerting: Require alert.notifications:write permissions to test\n receivers and templates (bsc#1212100, CVE-2023-2183).\n- Update to version 9.5.2:\n Alerting: Scheduler use rule fingerprint instead of version.\n Explore: Update table min height.\n DataLinks: Encoded URL fixed.\n TimeSeries: Fix leading null-fill for missing intervals.\n Dashboard: Revert fixed header shown on mobile devices in the\n new panel header.\n PostgreSQL: Fix TLS certificate issue by downgrading lib/pq.\n Provisioning: Fix provisioning issues with legacy alerting and\n data source permissions.\n Alerting: Fix misleading status code in provisioning API.\n Loki: Fix log samples using `instant` queries.\n Panel Header: Implement new Panel Header on Angular Panels.\n Azure Monitor: Fix bug that was not showing resources for\n certain locations.\n Alerting: Fix panic when reparenting receivers to groups\n following an attempted rename via Provisioning.\n Cloudwatch Logs: Clarify Cloudwatch Logs Limits.\n- Update to 9.5.1\n Loki Variable Query Editor: Fix bug when the query is updated\n Expressions: Fix expression load with legacy UID -100\n- Update to 9.5.0 (CVE-2023-1387, bsc#1210907, jsc#PED-3694)\n * Breaking changes\n - default named retention policies won\u0027t be used to query.\n Users who have a default named retention policy in their\n influxdb database, have to rename it to something else.\n Having default named retention policy is not breaking\n anything. We will make sure to use the actual default\n retention policy under the hood. To change the hardcoded\n retention policy in the dashboard.json, users must they\n select the right retention policy from dropdown and save the\n panel/dashboard.\n - Grafana Alerting rules with NoDataState configuration set to\n Alerting will now respect \u0027For\u0027 duration.\n - Users who use LDAP role sync to only sync Viewer, Editor and\n Admin roles, but grant Grafana Server Admin role manually\n will not be able to do that anymore. After this change, LDAP\n role sync will override any manual changes to Grafana Server\n Admin role assignments. If grafana_admin is left unset in\n LDAP role mapping configuration, it will default to false.\n API keys: Add deprecation to api keys.\n API: Enable serving Swagger UI by default and add docs and\n guidelines.\n API: Permit Cache-Control (browser caching) for datasource\n resources.\n Accessibility: Make row actions keyboard accessible.\n Admin/Plugins: Set category filter in connections link.\n Alerting: Add CustomDetails field in PagerDuty contact point.\n Alerting: Add dashboard and panel links to rule and instance\n annotations.\n Alerting: Add filter and remove funcs for custom labels and\n Alerting: Add fuzzy search to alert list view.\n Alerting: Add metrics for active receiver and integrations.\n Alerting: Better printing of labels.\n Alerting: Create new state history \u0027fanout\u0027 backend that\n dispatches to multiple other backends at once.\n Alerting: Enable preview for recording rules.\n Alerting: Fetch all applied alerting configurations.\n Alerting: Introduce proper feature toggles for common state\n history backend combinations.\n Alerting: Make time range query parameters not required when\n querying Loki.\n Alerting: New notification policies view.\n Alerting: No longer index state history log streams by\n instance labels.\n Alerting: Respect \u0027For\u0027 Duration for NoData alerts.\n Alerting: Support filtering rules by multiple datasources.\n Alerting: Switch to snappy-compressed-protobuf for outgoing\n push requests to Loki.\n Angular: Prevent angular from loading when disabled.\n Auth: Add Generic oauth skip org role sync setting.\n Auth: Add feature flag to move token rotation to client.\n Auth: Show user sync external Authentication status.\n Backend: Use sdk version 0.148.0.\n Chore: Add stat for remote cache config.\n Chore: Replace short UID generation with more standard UUIDs.\n Chore: Use DOMPurify to sanitize strings rather than js-xss.\n CloudMonitoring: Add possibility to use path for private key.\n CloudWatch Logs: Update default timeout to 30m.\n CloudWatch: Add AWS/IotSiteWise namespace and metrics.\n CloudWatch: Add account support to variable queries.\n CloudWatch: Make deeplinks work for us-gov and china regions.\n Cloudwatch: Add MeteredIOBytes metric for EFS.\n Command Palette: Display dashboard location.\n Command palette: Enable folder searching.\n Connections: Turn on feature toggle by default.\n Cookies: Provide a mechanism for per user control over cookies.\n Dashboard Datasource: Update Query List \u0026 Improve UX.\n Dashboard: Add a feature that creates a table panel when a\n spreadsheet file is dropped on the dashboard.\n Dashboard: Add new visualization/row/library panel/pasted\n panel is now a dropdown menu.\n Dashboard: Add value format for requests per minute.\n Dashboard: Empty/No Panels dashboard with a new design.\n Dashboard: When dashboard is not found show message instead\n of empty page.\n Dashboards: Enable feature flag newPanelChromeUI by default.\n Dataplane: Support timeSeriesLong without transform.\n Datasources: Add user_agent header customization for outgoing\n HTTP requests.\n Datasources: Use getDefaultQuery in annotations editors.\n Docs: Add documentation on how to debug backend plugins.\n Docs: Deprecate dashboard previews.\n Elasticsearch: Detect Elasticsearch version.\n Elasticsearch: Run Explore queries trough data source backend.\n Explore: Add range option to internal data links.\n Explore: Add transformations to correlation data links.\n Explore: Support mixed data sources for supplementary query.\n Extensions: Expose an enum for available placements.\n Feat: Changing link destination for get more plugins.\n Feat: Linking to plugin details page rather than externally\n for new datasources.\n FieldMatchers: Add match by value (reducer).\n Flame graph: Add context menu.\n Flame graph: Add metadata above flame graph.\n Geomap: Improve tooltip url for photos layer.\n Geomap: Release night / day layer.\n InfluxDB: Move database information into jsondata.\n Jaeger and Zipkin: Config \u0026 docs upgrade.\n LDAP: Allow setting minimum TLS version and accepted ciphers.\n Live: Remove (alpha) ability to configure live pipelines.\n Logger: Add feature toggle for errors in HTTP request logs.\n Login: Allow custom name and icon for social providers.\n Logs Panel: Refactor style generation to improve rendering\n performance.\n Logs: Add millisecond to timestamp in log line.\n Logs: Rename dedup to deduplicate.\n Loki Query Editor: Make Monaco the default editor.\n Loki: Add unpack query builder hint.\n Loki: Add descriptions to query builder operations.\n Loki: Add placeholder to the loki query editor.\n Loki: Always fetch for new label keys in the QueryBuilder.\n Loki: Display error with label filter conflicts.\n Loki: Improve the display of loki query stats.\n MSSQL/Postgres: List views in table dropdown as well.\n MSSQL: Update forked go-mssqldb dependency.\n Metrics: Update comment to mention folders instead of\n dashboards.\n Navigation: Enable new navigation by default.\n NodeGraph: Support icons for nodes.\n Notifications: Enable display of trace ID by default.\n Packaging: Start Grafana service after InfluxDB.\n Panel Header: Add CancelQuery option to panel header.\n Panel: Show multiple errors info in the inspector.\n PanelChrome: Add option to show actions on the right side\n (actions = leftItems).\n Phlare: Allow variables in labelSelector (in query).\n Plugin: Skip preloading disabled app plugins.\n Plugins: Add optional logger for plugin requests sent to backend\n plugins.\n Plugins: Extend panel menu with commands from plugins.\n Plugins: Extend panel menu with links from plugins.\n Plugins: Improve instrumentation by adding metrics and tracing.\n Plugins: Support for distributed tracing in backend plugins SDK.\n Plugins: Support for link extensions.\n Profiling: Enable flame graph \u0026 Phlare/Parca data sources for\n all users.\n Prometheus Datasource: Improve Prom query variable editor.\n Prometheus Metrics: Add missing stat_total_teams metric.\n Prometheus/Loki: Run query explicitly instead of onblur in panel\n edit.\n Prometheus: Browser resource caching.\n Prometheus: Improve prometheus query variable editor.\n Prometheus: Use $__rate_interval for rate queries generated by\n metric browser.\n Pubdash: Email sharing handle dashboard deleted.\n PublicDashboards: Backfills share column with default value.\n PublicDashboards: Configuration modal redesign.\n PublicDashboards: Email sharing.\n PublicDashboards: Enable creation when dashboard has template\n variables.\n PublicDashboards: Paused or deleted public dashboard screen.\n QueryHistory: Improve handling of mixed datasource entries.\n Rendering: Experimental support to use JWTs as auth method.\n SQL Datasources: Add back help content.\n Schema: Remove exclusion for timeseries and update imports.\n Search: Improvements for starred dashboard search.\n Select: Show icon in the grafana/ui Select component.\n Service accounts: Creation logic simplification.\n Service accounts: Remove Add API keys buttons and remove one\n state of migrating for API keys tab.\n SplitOpen: Update API to accept multiple queries.\n Stat Panel: Add an option for a non-gradient/solid background.\n Stat: Add ability to remove default single-color background\n gradient.\n SupportBundles: Add OAuth bundle collectors.\n Table Panel: Add ability to use text color for value or hide\n value in gauge cell.\n Table: Introduce sparkline cell type.\n Tempo: Config and doc updates.\n Tempo: Update service graph view and docs.\n TraceView: Add key and url escaping of json tag values.\n TraceView: Reworked header.\n Tracing: Add more detail to HTTP Outgoing Request.\n Tracing: Docs and config improvements for Tempo/Jaeger/Zipkin.\n Tracing: Support multiple OTel propagators.\n Transformations: Support time format when converting time to\n strings.\n Transformers: Support adding the row index using calculate\n field transformer.\n Units: Format currency with negative before the symbol.\n API: Fix \u0027Updated by\u0027 Column in dashboard versions table.\n AccessControl: Allow editors to access GET /api/datasources.\n Alerting: Add \u0027backend\u0027 label to state history writes metrics.\n Alerting: Add alert instance labels to Loki log lines in\n addition to stream labels.\n Alerting: Elide requests to Loki if nothing should be recorded.\n Alerting: Fix DatasourceUID and RefID missing for\n DatasourceNoData alerts.\n Alerting: Fix ambiguous handling of equals in labels when\n bucketing Loki state history streams.\n Alerting: Fix attachment of external labels to Loki state\n history log streams.\n Alerting: Fix creating a recording rule when having multiple\n datasources.\n Alerting: Fix explore link in alert detail view.\n Alerting: Fix share URL for Prometheus rules on subpath.\n Alerting: Fix stats that display alert count when using unified\n alerting.\n Alerting: Hide mute timing actions when dealing with vanilla\n prometheus.\n Alerting: Paginate result previews.\n Alerting: Prometheus-compatible Alertmanager timings editor.\n Alerting: Update scheduler to get updates only from database.\n Alerting: Use a completely isolated context for state history\n writes.\n Alerting: Use displayNameFromDS if available in preview.\n Annotation List: Fix panel not updating when variable is\n changed.\n Annotations: Ignore unique constraint violations for tags.\n Auth: Fix orgrole picker disabled if isSynced user.\n AzureMonitor: Fix Log Analytics portal links.\n BrowseDashboards: Fix move to General folder not working.\n Catalog: Show install error with incompatible version.\n Chore: Update Grafana to use Alertmanager\n v0.25.1-0.20230308154952-78fedf89728b.\n CloudMonitoring: Add project selector for MQL editor[fix].\n CloudWatch Logs: Fix running logs queries with expressions.\n CloudWatch Logs: Fix to make log queries use a relative time if\n available.\n CloudWatch Logs: Revert \u0027Queries in an expression should run\n synchronously\u0027.\n CloudWatch: Fix cachedQueries insights not being updated for\n metric queries.\n Cloudwatch: Pass refId from query for expression queries.\n Dashboards: Evaluate provisioned dashboard titles in a\n backwards compatible way.\n Dashboards: Fix broken internal data links.\n Database: Don\u0027t sleep 10ms before every request.\n Elasticsearch: Fix processing of response with multiple group\n by for alerting.\n Elasticsearch: Handle multiple annotation structures.\n Email: Mark HTML comments as \u0027safe\u0027 in email templates.\n ErrorHandling: Fixes issues with bad error messages.\n ErrorView: Better detection of no-data responses.\n Explore: Make DataSourcePicker visible on small screens.\n Fix: DataLinks from data sources override user defined data\n link.\n Fix: Top table rendering and update docs.\n Frontend: Fix broken links in /plugins when pathname has a\n trailing slash.\n Geomap: Fix route layer zoom behavior.\n Google Cloud Monitoring: Fix project variable.\n HeatMap: Sort y buckets when all bucket names are numeric.\n InfluxDB: Fix querying with hardcoded retention policy.\n InfluxDB: Fix sending retention policy with InfluxQL queries.\n KVStore: Include database field in migration.\n LDAP: Always synchronize Server Admin role through role sync if\n role sync is enabled.\n Library panels: Ensure pagination controls are always correctly\n displayed.\n Loki: Fix autocomplete situations with multiple escaped quotes.\n MegaMenu: Fixes mega menu showing scroll indicator when it\n shouldn\u0027t.\n Navigation: Redirect to root page when switching organization.\n Navigation: Scrolled hamburger menu links now navigate correctly\n in Safari.\n NestedFolders: Fix nested folder deletion.\n New Panel Header: Fix when clicking submenu item the parent\n menu item onClick get\u0027s triggered.\n Phlare: Fix error when there are no profileTypes to send from\n backend.\n PieChart: Show long labels properly.\n PluginExtensions: Fixed issue with incorrect type being\n exposed when configuring an extension.\n Plugins: Ensure proxy route bodies are valid JSON.\n Plugins: Fix width for README pages with tables.\n Plugins: Markdown fetch retry with lowercase.\n Plugins: Skip instrumenting plugin build info for core and\n bundled plugins.\n PublicDashboards: Query collapsed panels inside rows.\n Query Splitting: Fix for handling queries with no requestId.\n SQL Datasources: Fix variable throwing error if query returns no\n data.\n SQL Datasources: Prevent Call Stack Overflows with Large\n Numbers of Values for Variable.\n SQLStore: Fix SQLite error propagation if query retries are\n disabled.\n Stat Panel: Fix issue with clipping text values.\n Table Panel: Fix panel migration for options cell type.\n Table: Fix migrations from old angular table for cell color\n modes.\n Table: Fixes issue with pagination summary causing scrollbar.\n Table: Fixes table panel gauge alignment.\n TablePanel: Fix table cells overflowing when there are\n multiple data links.\n TablePanel: fix footer bug; no footer calculated values after\n \u0027hidden\u0027 column override.\n Templating: Allow percent encoding of variable with custom all.\n Tempo: Set default limit if none is provided for traceql\n queries.\n TimeSeries: Don\u0027t extend stepped interpolation to graph edges.\n TimeSeries: Improve stacking direction heuristic.\n Trace View: Update the queryType to traceql for checking if\n same trace when clicking span link.\n TraceView: Don\u0027t require preferredVisualisationType to render.\n Utils: Reimplement util.GetRandomString to avoid modulo bias.\n XYChart: Add all dataset columns in tooltip.\n * Plugin development fixes \u0026 changes\n DateTimePicker: Can now select time correctly.\n Grafana UI: Fix tooltip prop of button component.\n DateTimePicker: Add min date support to calendar.\n GrafanaUI: Implement new component Toggletip.\n ContextMenu: Fix padding and show border based on items.\n- Update to 9.4.7 (2023-03-16)\n Alerting: Update scheduler to receive rule updates only from\n database.\n Influxdb: Re-introduce backend migration feature toggle.\n Security: Fixes for CVE-2023-1410.\n The InfluxDB backend migration feature toggle\n (influxdbBackendMigration) has been reintroduced in this\n version as issues were discovered with backend processing of\n InfluxDB data. Unless this feature toggle is enabled, all\n InfluxDB data will be parsed in the frontend. This frontend\n processing is the default behavior.\n In Grafana 9.4.4, InfluxDB data parsing started to be handled\n in the backend. If you have upgraded to 9.4.4 and then added\n new transformations on InfluxDB data, those panels will fail to\n render. To resolve this either:\n Remove the affected panel and re-create it or\n edit the `time` field as `Time` in `panel.json` or\n `dashboard.json`\n as the exporter toolkit has been updated by upstream\n- Install wrapper scripts under /usr/sbin\n- Install actual binaries under /usr/libexec/grafana (or /usr/lib\n under older distributions) and create a simlink for wrapper\n scripts and the service (which expect the binary to be under\n /usr/share/grafana/bin)\n- Update to 9.4.3\n Alerting: Use background context for maintenance function.\n- Update to 9.4.2\n Alerting: Fix boolean default in migration from false to 0.\n- Update to 9.4.0\n Alerting: Add endpoint for querying state history.\n Alerting: Add label query parameters to state history endpoint.\n Alerting: Add static label to all state history entries.\n Alerting: Mark AM configuration as applied.\n Azure Monitor: Enable multiple resource queries.\n Query Caching: Add per-panel query caching TTL.\n Table: Add row number column option.\n Tempo: Remove tempoApmTable feature flag.\n Transformations: Selectively apply transformation to queries.\n AccessControl: Clear user permission cache for update org user\n role.\n Alerting: Fix handling of special floating-point cases\n when writing observed values to annotations.\n Auth: Rotate token patch.\n ContextMenu: Consider y coord when determining bottom\n collision.\n Elasticsearch: Fix consistent label order in alerting.\n Explore: Fix graph not updating when changing config.\n Heatmap: Support heatmap rows with non-timeseries X axis.\n Login: Fix panic when a user is upserted by a background\n process.\n MSSQL: Add support for macro function calls.\n MySQL: Quote identifiers that include special characters.\n Navigation: Sign in button now works correctly when\n served under a sub path.\n Nested Folder: Fix for SQLite not to overwrite the parent on\n restarts.\n PanelChrome: Adds display mode to support transparent option.\n Plugins: Case-sensitive routes for standalone pages.\n Plugins: Prefer to use the data source UID when querying.\n SQLStore: Fix folder migration for MySQL \u003c 5.7.\n Search: Fix not being able to clear sort value.\n Tempo: Fix span name being dropped from the query.\n PanelChrome: Implement hover header.\n- Update to 9.3.7\n Alerting: Validate that tags are 100 characters or less.\n Expressions: Fixes the issue showing expressions editor.\n Logs: Fix stats not being updated when log results change.\n Plugins: Fix circular reference in customOptions leading\n to MarshalJSON errors.\n Time Series Panel: Fix legend text selection in Firefox.\n- Update to 9.3.6\n QueryEditorRow: Fixes issue loading query editor when\n data source variable selected.\n- Update to 9.3.4\n Prometheus: Add default editor configuration.\n TextPanel: Refactor to functional component.\n Alerting: Fix webhook to use correct key for decrypting token.\n Alerting: Set error annotation on EvaluationError regardless of\n underlying error type.\n Datasources: Fix Proxy by UID Failing for UIDs with a Hyphen.\n Fix creating of span link with no tags.\n Elasticsearch: Fix failing requests when using SigV4.\n Elasticsearch: Fix toggle-settings are not shown correctly.\n Explore: Be sure time range key bindings are mounted after\n clear.\n Explore: Unsync time ranges when a pane is closed.\n Logs: Lines with long words do not break properly.\n Loki: Fix misaligned derived fields settings.\n Query Builder: Fix max width of input component to prevent\n overflows.\n Search: Auto focus input elements.\n Search: Fix empty folder message showing when by starred\n dashboards.\n Table Panel: Fix image of image cell overflowing table cell and\n cells ignoring text alignment setting when a data\n link is added.\n- Update to 9.3.2\n Graphite: Process multiple queries to Graphite plugin.\n API: Fix delete user failure due to quota not enabled.\n Accessibility: Improved keyboard accessibility in BarGauge.\n Accessibility: Improved keyboard accessibility in BigValue.\n Alerting: Use the QuotaTargetSrv instead of the QuotaTarget in\n quota check.\n AzureMonitor: Automate location retrieval.\n AzureMonitor: Fix bad request when setting dimensions.\n BarChart: Fix value mappings.\n Build: Streamline and sync dockerfiles.\n Build: Unified dockerfile for all builds.\n CloudWatch: Fix - make sure dimensions are propagated to alert\n query editor.\n Cloudwatch: Fix deeplink with default region.\n Command Palette: Fix not being able to type if triggered\n whilst another modal is open.\n Command Palette: Maintain page state when changing theme.\n Dashboards: Fix \u0027Make Editable\u0027 button not working in\n Dashboard Settings.\n Dashboards: Show error when data source is missing.\n Datasource: Fix - apply default query also to queries in new\n panels.\n Dropdown: Menu now closes correctly when selecting\n options on touch devices.\n Influx: Query segment menus now position correctly near\n the bottom of the screen.\n Login: Fix failure to login a new user via an external\n provider if quota are enabled.\n Loki/Prometheus: Fix wrong queries executed in split view.\n Loki: Fix wrongly escaped label values when using LabelFilter.\n Navigation: Prevent app crash when importing a dashboard with a\n uid of `home`.\n Panel Edit: Fix data links edit icons being off screen when\n provided title is too long.\n Prometheus: Fix exemplar fill color to match series color in\n time series.\n Prometheus: Fix exemplars not respecting corresponding series\n display status.\n StateTimeline: Fix negative infinity legend/tooltip from\n thresholds.\n Table: Fixes row border style not showing and colored\n rows blending together.\n Tempo: Fix TraceQL autocomplete issues.\n TimePicker: Prevent TimePicker overflowing viewport on small\n screens.\n TimeRangePicker: Fix recently ranges only not showing all recent\n ranges.\n TimeZonePicker: Scroll menu correctly when using keyboard\n controls.\n- Update to 9.3.1\n Connections: Update \u0027Your connections/Data sources\u0027 page.\n Accessibility: Increase badge constrast to be WCAG AA compliant.\n- Update to 9.3.0\n Alerting: Enable interpolation for notification policies in file\n provisioning.\n Azure Monitor Logs: Avoid warning when the response is empty.\n Azure Monitor: Add support to customized routes.\n Canvas: Add icon value mapping.\n CloudWatch: Cross-account querying support.\n Docs: Update `merge-pull-request.md` regarding backport\n policies.\n GaugePanel: Setting the neutral-point of a gauge.\n Geomap: Improve location editor.\n Internationalization: Enable internationalization by default.\n Logs: Add `Download logs` button to log log-browser.\n Loki: Add `gzip` compression to resource calls.\n Loki: Add improvements to loki label browser.\n Loki: Make label browser accessible in query builder.\n Loki: Remove raw query toggle.\n Middleware: Add CSP Report Only support.\n Navigation: Prevent viewer role accessing dashboard\n creation, import and folder creation.\n OAuth: Refactor OAuth parameters handling to support\n obtaining refresh tokens for Google OAuth.\n Oauth: Display friendly error message when\n role_attribute_strict=true and no valid role found.\n Preferences: Add confirmation modal when saving org preferences.\n PublicDashboards: Orphaned public dashboard deletion script\n added.\n Query Editor: Hide overflow for long query names.\n Solo Panel: Configurable timezone.\n TablePanel: Add support for Count calculation per column\n or per entire dataset.\n Tempo: Send the correct start time when making a TraceQL query.\n Various Panels: Remove beta label from Bar Chart, Candlestick,\n Histogram, State Timeline, \u0026 Status History\n Panels.\n Access Control: Clear user\u0027s permission cache after resource\n creation.\n Accessibility: Improve keyboard accessibility in\n `AnnoListPanel`.\n Accessibility: Improve keyboard accessibility in `Collapse`.\n `GettingStarted` panel.\n Accessibility: Improve keyboard accessibility of `FilterPill`.\n Admin: Fix broken links to image assets in email templates.\n Azure Monitor: Fix namespace selection for storageaccounts.\n Calcs: Fix difference percent in legend.\n DataLinks: Improve Data-Links AutoComplete Logic.\n Explore: Fix a11y issue with logs navigation buttons.\n Heatmap: Fix blurry text \u0026 rendering.\n Heatmap: Fix tooltip y range of top and bottom buckets in\n calculated heatmaps.\n Logs: Fix misalignment of LogRows.\n Navigation: Stop clearing search state when opening a\n result in a new tab.\n OptionsUI: SliderValueEditor does not get auto focused on\n slider change.\n PanelEdit: Fixes bug with not remembering panel options\n pane collapse/expand state.\n Quota: Fix failure in store due to missing scope parameters.\n Quota: Fix failure when checking session limits.\n StateTimeline: Prevent label text from overflowing state rects.\n Tempo: Fix search table duration unit.\n TraceView: Fix broken rendering when scrolling in Dashboard\n panel in Firefox.\n GrafanaUI: Add disabled option for menu items.\n- Update to 9.2.4\n Access Control: Add an endpoint for setting several managed\n resource permissions.\n Accessibility: Increase `Select` placeholder contrast to\n be WCAG AA compliant.\n Alerting: Append org ID to alert notification URLs.\n Alerting: Make the Grouped view the default one for Rules.\n Build: Remove unnecessary alpine package updates.\n Google Cloud Monitoring: Set frame interval to draw null values.\n Instrumentation: Expose when the binary was built as a gauge.\n Loki: Preserve `X-ID-Token` header.\n Search: Reduce requests in folder view.\n TimeSeries: More thorough detection of negative values for\n auto-stacking direction.\n Alerting: Attempt to preserve UID from migrated legacy channel.\n Alerting: Fix response is not returned for invalid Duration in\n Provisioning API.\n Alerting: Fix screenshot is not taken for stale series.\n Auth: Fix admins not seeing pending invites.\n MSSQL/Postgres: Fix visual query editor filter disappearing.\n Tempo: Fix dropdown issue on tag field focus.\n Timeseries: Fix null pointer when matching fill below to field.\n Toolkit: Fix Webpack less-loader config.\n- Update to 9.2.3\n Docs: Add information about DB version support to upgrade guide.\n Footer: Update footer release notes link to Github changelog.\n Prometheus: Do not drop errors in streaming parser.\n Prometheus: Flavor/version configuration.\n Prometheus: Provide label values match parameter API when\n supported prometheus instance is configured.\n Security: Upgrade x/text to version unaffected by\n CVE-2022-32149.\n Auth: Fix GF_AUTH_JWT_URL_LOGIN env variable doesn\u0027t work.\n Live: Explicitly reply with http 200.\n Prometheus: Fix builder operation mode changing\n multiselect to single select behaviour.\n Security: Fix vulnerabilities in webpack loader-utils.\n- Update to 9.2.2\n Alerting: Add support for wecom apiapp.\n Canvas: Improve resource picker initialization.\n Canvas: Improve text element readability.\n CloudWatch: Make sure adoption tracking is done on valid,\n migrated queries.\n Dashboard: Alerts user to incorrect tag format for JSON import.\n MSSQL: Support tables from all schemas.\n Opentsdb: Allow template variables for filter keys.\n QueryEditor: Revert components from grafana-ui.\n Browse: Fix General folder not showing in FolderPicker.\n Elasticsearch: Fix calculation of trimEdges in alert mode.\n Elasticsearch: Fix trimEdges delete logic in alert mode.\n GoogleOAuth: Unlock User Admin UI.\n LogContext: Fix wrong color of `show context` icon in light\n theme.\n Loki: Fix adding of adhoc filters to stream selector when query\n with empty stream selector.\n Loki: Fix double stringified log-lines when copied via Copy\n button.\n Loki: Fix explain section about $\\_\\_interval variable.\n Loki: Remove already selected options from next label filter\n options in builder.\n NodeGraph: Fix rendering issues when values of arc are over 1.\n PublicDashboards: Fix hidden queries execution.\n Tempo: Fix Node Graph visualization type in dashboard.\n TimeSeries: Fix stacking when first value is negative zero.\n TimeseriesPanel: Fix variables in data links.\n User: Fix externalUserId not being populated.\n We added some components a bit too early to @grafana/ui in 9.2\n so we are moving them back to @grafana/experimental. If you\n used any of these components\n AccessoryButton\n EditorFieldGroup\n EditorHeader\n EditorField\n EditorRow\n EditorList\n EditorRows\n EditorSwitch\n FlexItem\n Stack\n InlineSelect\n InputGroup\n Space\n Please use them from grafana/experimental from now on.\n- Update to 9.2.1\n Alerting: Improve notification policies created during\n migration.\n AzureAD: Add option to force fetch the groups from the\n Graph API.\n Docs: Note end of release notes publication.\n Inspect: Handle JSON tab crash when the provided object\n is too big to stringify.\n TablePanel: Footer now updates values on column filtering.\n Alerting: Fix email image embedding on Windows.\n Alerting: Fix mathexp.NoData for ConditionsCmd.\n Legacy Alerting: Fix duration calculation when testing a rule.\n Loki: Propagate additional headers from Grafana to Loki\n when querying data.\n Search: Sort alphabetically in the folder view, increase\n the limit of the folder search from 50 to 1000.\n TablePanel: Fix last table column to be centered.\n Grafana UI: Export prop types for queryfield, modal and field\n components.\n Toolkit: Fix `Cannot use import statement outside...` error in\n tests.\n- Update to 9.2.0\n Alerting: Add Notification error feedback on contact points\n view.\n Alerting: Allow created by to be manually set when\n there\u0027s no creator for silences.\n Alerting: Expose info about notification delivery errors\n in a new /receivers endpoint.\n Alerting: Update imported prometheus alertmanager version.\n Alerting: Write and Delete multiple alert instances.\n Core: Implement aria attributes for query rows, improve a11y.\n DevEnv: Adds docker block for clickhouse.\n Docker: removes unneccesary use of edge repo.\n Explore: Revert split pane resize feature.\n Frontend: Make local storage items propagate to different tabs\n immediately.\n PublicDashboards: Allow disabling an existent public dashboard\n if it.\n QueryEditorRow: Only pass error to query editor if panel\n is not in a loading state.\n XYChart: Beta release.\n Alerting: Start ticker only when scheduler starts.\n Alerting: Fix pq: missing FROM-clause for table \u0027a\u0027.\n AzureMonitor: Correctly update subscriptions value in ARG\n editor.\n Chore: Regenerate swagger specification and fix validation\n failures.\n Correlations: Only return correlation for which both\n source and target datasources exist.\n Explore: Prevent panes from disappearing when resizing\n window in split view.\n Links: Fix opening links from different orgs on the same tab.\n LogContext: Fix scroll position in upper context group.\n Logs: Show copy button independently from context.\n Loki/Prometheus: Fix adding of ad hoc filters when\n jumping from dashboard to explore.\n Loki: Add support for range aggregations with by grouping.\n Loki: Fix label-value escaping in context query.\n Loki: Fix redundant escaping in adhoc filter with regex match.\n PanelEdit: Fixes resize pane border and spacing issues.\n RBAC: Redirect to /login when forceLogin is set.\n Security: Fix CVE-2022-27664.\n StateTimeline: Fix tooltip showing erroneously in shared\n crosshair dashboards.\n Tempo: Fix unexpected trimming of leading zeroes in traceID.\n Tracing: Fix bug where errors are not reported to OpenTelemetry.\n- Update to 9.1.8\n Alerting: Fix evaluation interval validation.\n Alerting: Fix migration to create rules with group index 1.\n Alerting: Fix migration to not add label \u0027alertname\u0027.\n Azure Monitor: Fix empty Logs response for Alerting.\n Azure Monitor: Fix subscription selector when changing data\n sources.\n Google Cloud Monitoring: Fix bucket bound for distributions.\n- Update to 9.1.7\n CloudWatch: Add missing AWS/Prometheus metrics.\n Explore: Add feature tracking events.\n Graphite: Add error information to graphite queries tracing.\n Prometheus: Restore FromAlert header.\n Search: Add search index configuration options.\n Thresholds: Add option for dashed line style.\n Alerting: Fix default query\u0027s data source when no default\n datasource specified.\n Alerting: Fix mathexp.NoData cannot be reduced.\n Alerting: Skip unsupported file types on provisioning.\n AzureMonitor: Ensure resourceURI template variable is migrated.\n Dashboard: Fix plugin dashboard save as button.\n Docs: Fix decimals: auto docs for panel edit.\n Fix: RBAC handle `error no resolver` found.\n LibraryPanelSearch: Refactor and fix hyphen issue.\n Live: Fix live streaming with `live-service-web-worker` feature\n flag enabled.\n QueryField: Fix wrong cursor position on autocomplete.\n- Update to 9.1.6\n DataSource: Adding possibility to hide queries from the\n inspector.\n Inspect: Hide Actions tab when it is empty.\n PanelMenu: Remove hide legend action as it was showing on\n all panel types.\n Provisioning Contact points: Support disableResolveMessage via\n YAML.\n PublicDashboards: Support subpaths when generating pubdash url.\n Alerting: Fix legacy migration crash when rule name is too long.\n Alerting: Fix send resolved notifications.\n Azure Monitor: Fix migration issue with MetricDefinitionsQuery\n template variable query types.\n Browse: Hide dashboard actions if user does not have enough\n permission.\n ElasticSearch: Fix dispatching queries at a wrong time.\n Panel: Disable legends when showLegend is false prior to\n schema v37.\n Prometheus: Fix metadata requests for browser access mode.\n Search: Avoid requesting all dashboards when in Folder View.\n TablePanel/StatPanel: Fix values not being visible when\n background transparent.\n- Update to 9.1.5\n Alerting: Sanitize invalid label/annotation names for external\n alertmanagers.\n Alerting: Telegram: Truncate long messages to avoid send error.\n DisplayProcessor: Handle reverse-ordered data when auto-showing\n millis.\n Heatmap: Add option to reverse color scheme.\n PluginLoader: Alias slate-react as @grafana/slate-react.\n Search: Add substring matcher, to bring back the old\n dashboard search behavior.\n Traces: More visible span colors.\n Alerting: Fix incorrect propagation of org ID and other\n fields in rule provisioning endpoints.\n Alerting: Resetting the notification policy tree to the default\n policy will also restore default contact points.\n AzureMonitor: Fix custom namespaces.\n AzureMonitor: Fix issue where custom metric namespaces\n are not included in the metric namespace list.\n CloudWatch: Fix display name of metric and namespace.\n Cloudwatch: Fix annotation query serialization issue.\n Dashboard: Fix issue where unsaved changes warning would appear\n even after save, and not being able to change library\n panels.\n Dashboard: Hide overflow content for single left pane.\n Loki: Fix a bug where adding adhoc filters was not possible.\n- Update to 9.1.4\n GrafanaUI: Fixes Chrome issue for various query fields.\n- Update to 9.1.3\n API: Do not expose user input in datasource error responses.\n Library Panel: Allow to delete them when deprecated.\n Plugins Catalog: Allow to filter plugins using special\n characters.\n Alerting: Fix UI bug when setting custom notification\n policy group by.\n AppRootPage: Fix issue navigating between two app plugin pages.\n Correlations: Use correct fallback handlers.\n RBAC: Fix deleting empty snapshots.\n LibraryElements: Fix inability to delete library panels\n under MySQL.\n Metrics: fix `grafana_database_conn_*` metrics, and add\n new `go_sql_stats_*` metrics as eventual replacement.\n TestData DB: Fix node graph not showing when the `Data type`\n field is set to `random`.\n * Deprecations\n The `grafana_database_conn_*` metrics are deprecated, and will\n be removed in a future version of Grafana. Use the\n `go_sql_stats_*` metrics instead.\n- Update to 9.1.2\n AdHoc variable: Correctly preselect datasource when provisioning.\n AzureMonitor: Added ARG query function for template variables.\n Dashboards: Persist details message when navigating through\n dashboard save drawer\u0027s tabs.\n Dashboards: Correctly migrate mixed data source targets.\n Elasticsearch: Use millisecond intervals for alerting.\n Elasticsearch: Use millisecond intervals in frontend.\n Geomap: Local color range.\n Plugins Catalog: Use appSubUrl to generate plugins catalog urls.\n Rendering: Add support for renderer token.\n Alerting: Fix saving of screenshots uploaded with a signed url.\n AngularPanels: Fixing changing angular panel options not taking\n having affect when coming back from panel edit.\n Explore: Improve a11y of query row collapse button.\n Geomap: Fix tooltip display.\n QueryEditorRow: Filter data on mount.\n Search: Show all dashboards in the folder view.\n Tracing: Fix the event attributes in opentelemetry tracing.\n GrafanaUI: Fix styles for invalid selects \u0026 DataSourcePicker.\n- Update to 9.1.1\n Cloud Monitoring: Support SLO burn rate.\n Schema: Restore \u0027hidden\u0027 in LegendDisplayMode.\n Timeseries: Revert the timezone(s) property name change back to\n singular.\n Alerting: Fix links in Microsoft Teams notifications.\n Alerting: Fix notifications for Microsoft Teams.\n Alerting: Fix width of Adaptive Cards in Teams notifications.\n ColorPickerInput: Fix popover in disabled state.\n Decimals: Fixes auto decimals to behave the same for\n positive and negative values.\n Loki: Fix unique log row id generation.\n Plugins: Fix file extension in development authentication guide.\n TimeSeries: Fix jumping legend issue.\n TimeSeries: Fix memory leak on viz re-init caused by\n KeyboardPlugin.\n TimePicker: Fixes relative timerange of less than a day not\n displaying.\n GrafanaUI: Fixes ClipboardButton to always keep multi line\n content.\n- Update to 9.1.0\n API: Allow creating teams with a user defined identifier.\n Alerting: Adds interval and For to alert rule details.\n Alerting: Extend PUT rule-group route to write the entire\n rule group rather than top-level fields only.\n Alerting: Use Adaptive Cards in Teams notifications.\n Azure Monitor: Add Network Insights Dashboard.\n Chore: Improve logging of unrecoverable errors.\n Correlations: Add UpdateCorrelation HTTP API.\n Dashboard: Reverted the changes of hiding multi-select\n and all variable in the datasource picker.\n Geomap: Add alpha day/night layer.\n Geomap: Add measuring tools.\n GrafanaUI: Add success state to ClipboardButton.\n Heatmap: Replace the heatmap panel with new implementation.\n KVStore: Allow empty value in kv_store.\n Prometheus: Promote Azure auth flag to configuration.\n Search: Display only dashboards in General folder of\n Search Folder View.\n Status history/State timeline: Support datalinks.\n Transform: Add a limit transform.\n Transformations: Add standard deviation and variance reducers.\n API: Fix snapshot responses.\n Access Control: Fix permission error during dashboard\n creation flow.\n Access Control: Set permissions for Grafana\u0027s test data source.\n Alerting: Fix migration failure.\n BarGauge: Show empty bar when value, minValue and\n maxValue are all equal.\n Dashboard: Fix color of bold and italics text in panel\n description tooltip.\n Loki: Fix passing of query with defaults to code mode.\n Loki: Fix producing correct log volume query for query\n with comments.\n Loki: Fix showing of unusable labels field in detected fields.\n Tracing: Fix OpenTelemetry Jaeger context propagation.\n Alerting: AlertingProxy to elevate permissions for request\n forwarded to data proxy when RBAC enabled.\n Plugins: Only pass `rootUrls` field in request when not empty.\n Alert notifications to Microsoft Teams now use Adaptive Cards\n instead of Office 365 Connector Cards.\n Starting at 9.1.0, existing heatmap panels will start using a\n new implementation. This can be disabled by setting the\n `useLegacyHeatmapPanel` feature flag to true. It can be\n tested on a single dashbobard by adding\n `?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.\n The most notable changes are:\n Significantly improved rendering performance\n When calculating heatmaps, the buckets are now placed on\n reasonable borders (1m, 5m, 30s etc)\n Round cells are no longer supported\n- Update to 9.0.9\n AuthNZ: Security fixes for CVE-2022-35957 and CVE-2022-36062.\n- Update to 9.0.8\n Alerting: Hide \u0027no rules\u0027 message when we are fetching\n from data sources.\n Alerting: AlertingProxy to elevate permissions for\n request forwarded to data proxy when RBAC enabled.\n- Update to 9.0.7\n CloudMonitoring: Remove link setting for SLO queries.\n GrafanaUI: Render PageToolbar\u0027s leftItems regardless of\n title\u0027s presence.\n- Update to 9.0.6\n Access Control: Allow org admins to invite new users to\n their organization.\n Grafana/toolkit: Fix incorrect image and font generation\n for plugin builds.\n Prometheus: Fix adding of multiple values for regex operator.\n UI/Card: Fix card items always having pointer cursor.\n- Update to 9.0.5\n Access control: Show dashboard settings to users who can\n edit dashboard.\n Alerting: Allow the webhook notifier to support a custom\n Authorization header.\n Plugins: Add signature wildcard globbing for dedicated\n private plugin type.\n Prometheus: Don\u0027t show errors from unsuccessful API\n checks like rules or exemplar checks.\n Access control: Allow organisation admins to add existing\n users to org.\n Alerting: Fix alert panel instance-based rules filtering.\n Apps: Fixes navigation between different app plugin pages.\n Cloudwatch: Upgrade grafana-aws-sdk to fix auth issue\n with secret keys.\n Loki: Fix `show context` not working in some occasions.\n RBAC: Fix permissions on dashboards and folders created\n by anonymous users.\n- Update to 9.0.4\n Browse/Search: Make browser back work properly when\n visiting Browse or search.\n Logs: Improve getLogRowContext API.\n Loki: Improve handling of empty responses.\n Plugins: Always validate root URL if specified in\n signature manfiest.\n Preferences: Get home dashboard from teams.\n SQLStore: Support Upserting multiple rows.\n Traces: Add more template variables in Tempo \u0026 Zipkin.\n Traces: Remove serviceMap feature flag.\n Access Control: Fix missing folder permissions.\n Access control: Fix org user removal for OSS users.\n Alerting: Fix Slack notifications.\n Alerting: Preserve new-lines from custom email templates\n in rendered email.\n Log: Fix text logging for unsupported types.\n Loki: Fix incorrect TopK value type in query builder.\n- Update to 9.0.3\n Access Control: Allow dashboard admins to query org users.\n Alerting: Add method to provisioning API for obtaining a\n group and its rules.\n Alerting: Allow filtering of contact points by name.\n Alerting: Disable /api/admin/pause-all-alerts with\n Unified Alerting.\n Annotations: Use point marker for short time range annotations.\n AzureMonitor: Update UI to experimental package.\n AzureMonitor: Update resource and namespace metadata.\n CloudWatch: Remove simplejson in favor of \u0027encoding/json\u0027.\n DashboardRow: Collapse shortcut prevent to move the\n collapsed rows.\n Navigation: Highlight active nav item when Grafana is\n served from subpath.\n Plugins: InfluxDB datasource - set epoch query param\n value as \u0027ms\u0027.\n Plugins: InfluxDB update time range query.\n StateTimeline: Try to sort time field.\n API: Do not validate/save legacy alerts when saving a\n dashboard if legacy alerting is disabled.\n Alerting: Add method to reset notification policy tree\n back to the default.\n Alerting: Fix Teams notifier not failing on 200 response\n with error.\n Alerting: Fix bug where state did not change between\n Alerting and Error.\n Alerting: Fix consistency errors in OpenAPI documentation.\n Alerting: Fix normalization of alert states for panel\n Alerting: Provisioning API respects global rule quota.\n CSRF: Fix additional headers option.\n Chore: Bump parse-url to 6.0.2 to fix security vulnerabilities.\n Chore: Fix CVE-2020-7753.\n Chore: Fix CVE-2021-3807.\n Chore: Fix CVE-2021-3918.\n Chore: Fix CVE-2021-43138.\n Chore: Fix CVE-2022-0155.\n Dashboard: Fixes tooltip issue with TimePicker and Setting buttons.\n Dashboard: Prevent unnecessary scrollbar when viewing\n single panel.\n Logs: Fixed wrapping log lines from detected fields.\n Loki: Add missing operators in label filter expression.\n Loki: Fix error when changing operations with different parameters.\n Loki: Fix suggesting of correct operations in query builder.\n Plugins: InfluxDB variable interpolation fix for\n influxdbBackendMigration feature flag.\n SQLstore: Fix fetching an inexistent playlist.\n Security: Fixes for CVE-2022-31107 and CVE-2022-31097.\n Snapshots: Fix deleting external snapshots when using RBAC.\n Table: Fix scrollbar being hidden by pagination.\n Templating: Changing between variables with the same name\n now correctly triggers a dashboard refresh.\n Time series panel: Fix an issue with stacks being not complete\n due to the incorrect data frame length.\n- Update to 9.0.2\n Alerting: Add support for images in Pushover alerts.\n Alerting: Don\u0027t stop the migration when alert rule tags\n are invalid.\n Alerting: Skip the default data source if incompatible.\n AzureMonitor: Parse non-fatal errors for Logs.\n OAuth: Restore debug log behavior.\n Plugins: Improved handling of symlinks.\n Alerting: Code-gen parsing of URL parameters and fix\n related bugs.\n Annotations: Fix annotation autocomplete causing panels\n to crash.\n Barchart: Fix warning not showing.\n CloudWatch: Enable custom session duration in AWS plugin auth.\n Dashboards: Fixes issue with the initial panel layout\n counting as an unsaved change.\n Plugins: Use a Grafana specific SDK logger implementation\n for core plugins.\n Search: Fix pagination in the new search page.\n- Update to 9.0.1\n Alerting: Add support for image annotation in\n Alertmanager alerts.\n Alerting: Add support for images in SensuGo alerts.\n Alerting: Add support for images in Threema alerts.\n Alerting: Adds Mimir to Alertmanager data source implementation.\n Alerting: Invalid setting of enabled for unified alerting\n should return error.\n AzureMonitor: Clean namespace when changing the resource.\n AzureMonitor: Update supported namespaces and filter\n resources by the right type.\n CLI: Allow relative symlinks in zip archives when\n installing plugins.\n Dashboard: Don\u0027t show unsaved changes modal for automatic\n schema changes.\n Dashboard: Unsaved changes warning should not trigger\n when only pluginVersion has changed.\n Expression: Execute hidden expressions.\n Geomap: Support showing tooltip content on click (not\n just hover).\n Heatmap: Remove alpha flag from new heatmap panel.\n Instrumentation: Define handlers for requests that are\n not handled with named handlers.\n Log Panel: Improve log row hover contrast and visibility.\n Logs: Handle backend-mode errors in histogram.\n Loki: Do not show histogram for instant queries.\n Loki: Handle data source configs with path in the url.\n Loki: Handle invalid query type values.\n OAuth: Redirect to login if no oauth module is found or\n if module is not configured.\n OptionsUI: Move internal options editors out of @grafana/ui.\n Prometheus: Don\u0027t show undefined for step in collapsed\n options in query editor when value is \u0027auto\u0027.\n Prometheus: Show query patterns in all editor modes for\n Prometheus and Loki.\n Tempo: Add link to Tempo Search with node service selected.\n Time Series Panel: Add Null Filling and \u0027No Value\u0027 Support.\n TimeSeries: Add an option to set legend width.\n Timeseries: Improve cursor Y sync behavior.\n Traces: Do not use red in span colors as this looks like\n an error.\n Alerting: Fix AM config overwrite when SQLite db is\n locked during sync.\n Alerting: Fix alert instances filtering for prom rules.\n Alerting: Fix alert rule page crashing when datasource\n contained URL unsafe characters.\n Alerting: Fix automatically select newly created folder option.\n Alerting: Fix removal of notification policy without\n labels matchers.\n CloudWatch: Allow hidden queries to be executed in case\n an ID is provided.\n Dashboard: Prevent non-repeating panels being dropped\n from repeated rows when collapsed/expanded.\n Dashboards: Fix folder picker not showing correct results\n when typing too fast.\n Datasource: Prevent panic when proxying for non-existing\n data source.\n Explore: Fix log context scroll to bottom.\n Explore: Revert \u0027Remove support for compact format URLs\u0027.\n Expressions: Fixes dashboard schema migration issue that casued\n Expression datasource to be set on panel level.\n Formatting: Fixes valueFormats for a value of 0.\n GrafanaData: Fix week start for non-English browsers.\n LibraryPanel: Resizing a library panel to 6x3 no longer\n crashes the dashboard on startup.\n LogRow: Fix placement of icon.\n Loki: Fix bug in labels framing.\n Loki: Fix issues with using query patterns.\n Loki: Fix showing of duplicated label values in dropdown\n in query builder.\n MSSQL: Fix ParseFloat error.\n Panels: Fixes issue with showing \u0027Cannot visualize data\u0027\n when query returned 0 rows.\n Playlists: Disable Create Playlist buttons for users with\n viewer role.\n Plugins: Fix typo in plugin data frames documentation.\n Prometheus: Fix body not being included in resource calls\n if they are POST.\n RolePicker: Fix submenu position on horizontal space overflow.\n Tracing: Fix trace links in traces panel.\n Support for compact Explore URLs is deprecated and will be\n removed in a future release. Until then, when navigating to\n Explore using the deprecated format the URLs are\n automatically converted. If you have existing links pointing\n to Explore update them using the format generated by Explore\n upon navigation. You can identify a compact URL by its\n format. Compact URLs have the left (and optionally right) url\n parameter as an array of strings, for example\n `\u0026left=[\u0027now-1h\u0027,\u0027now\u0027...]`. The standard explore URLs follow\n a key/value pattern, for example\n `\u0026left={\u0027datasource\u0027:\u0027test\u0027...}`. Please be sure to check\n your dashboards for any hardcoded links to Explore and update\n them to the standard URL pattern.\n- Update to 9.0.0\n API: Add GET /api/annotations/:annotationId endpoint.\n API: Add endpoint for updating a data source by its UID.\n AccessControl: Add enterprise only setting for rbac\n permission cache.\n AccessControl: Document basic roles changes and provisioning V2.\n AccessControl: Enable RBAC by default.\n AddDataSourceConfig: Remove deprecated checkHealth prop.\n Alerting: Add Image URLs to Microsoft Teams notifier.\n Alerting: Add RBAC actions and role for provisioning API routes.\n Alerting: Add Screenshot URLs to Pagerduty Notifier.\n Alerting: Add a \u0027Reason\u0027 to Alert Instances to show\n underlying cause of state.\n Alerting: Add a general screenshot service and\n alerting-specific image service.\n Alerting: Add image url or file attachment to email\n notifications.\n Alerting: Add image_urls to OpsGenie notification details.\n Alerting: Add notification policy flow chart.\n Alerting: Attach image URL to alerts in Webhook notifier format.\n Alerting: Attach image URLs or upload files to Discord\n Alerting: Attach image URLs to Google Chat notifications.\n Alerting: Attach screenshot data to Unified Alerting\n Alerting: Create folder for alerting when start from the\n scratch.\n Alerting: Modify alertmanager endpoints for proxying\n using the datasource UID.\n Alerting: Modify endpoint for testing a datasource rule\n using the UID.\n Alerting: Modify prometheus endpoints for proxying using\n the datasource UID.\n Alerting: State Manager takes screenshots.\n Alerting: Use UID scope for folders authorization.\n Alerting: modify ruler endpoints for proxying using the\n datasource UID.\n Angular: Adds back two angular directives that are still\n used by remaining angular bits and plugins.\n Azure Monitor: Add Resource Picker to Metrics Queries.\n Azure Monitor: Add search feature to resource picker.\n AzureMonitor: Add support for selecting multiple options when\n using the equals and not equals dimension filters.\n AzureMonitor: Remove deprecated code.\n Build: Change names to PascalCase to match.\n Chore: Remove deprecated DataSourceAPI methods.\n Chore: Upgrade typescript to 4.6.4.\n Cloud Monitoring: Use new annotation API.\n CloudMonitoring: Allow to set a custom value or disable\n graph_period.\n CloudWatch: Add generic filter component to variable editor.\n CloudWatch: Added missing AWS/AppRunner metrics.\n CloudWatch: Enable support for dynamic labels with\n migrated alias patterns.\n Cloudwatch: Pass label in deep link.\n Cloudwatch: Use new annotation API.\n Dashboard: Validate dashboards against schema on save.\n DashboardPickerByID: Add option to exclude dashboards.\n DashboardPickerById: Add optionLabel prop.\n Dashboards: Display values of 0 with the configured\n decimal places.\n Data: Remove deprecated types and functions from valueMappings.\n Elasticsearch: Remove browser access mode.\n Elasticsearch: Remove support for versions after their\n end of the life (\u003c7.10.0).\n Encryption: Add support for multiple data keys per day.\n Encryption: Enable envelope encryption by default.\n Explore: Remove support for legacy, compact format URLs.\n Explore: Skip Angular error handling when Angular support\n is disabled.\n Explore: simplify support for multiple query editors.\n FeatureToggles: Support changing feature toggles with URL\n parameters.\n FileUpload: Make component accessible by keyboard navigation.\n Formatting: Make SI number formats more robust.\n Graph: Deprecate Graph (old) and make it no longer a\n visualization option for new panels.\n IconButton: IconButtons are now correctly aligned in Safari.\n Logger: Enable new logging format by default.\n Loki: Add more query patterns.\n Loki: Enable new visual query builder by default.\n Loki: use the same dataframe-format for both live and\n normal queries.\n OAuth: Make allowed email domain case insensitive.\n Panels: Use the No value option when showing the no data\n message.\n Plugins: Remove plugin list panel.\n Query History: Enable new query history by default.\n QueryEditorRow: Show query errors next to query in a\n consistent way across Grafana.\n SAML: Implement Name Templates for\n assertion_attribute_name option.\n Service accounts: Do not display service accounts\n assigned to team.\n Settings: Use Grafana Azure SDK to pass Azure env vars\n for external plugins.\n Shortcuts: Add shortcut to show shortcuts to the list of\n shortcuts.\n Traces Panel: Add new Traces Panel visualization.\n Traces: Filter by service/span name and operation in\n Tempo and Jaeger.\n Transformations: Allow more complex regex expressions\n in `Rename by regex`.\n grafana/ui: Add default type=\u0027button\u0027 to \u003cButton\u003e.\n Alerting: Fix database unavailable removes rules from scheduler.\n AzureMonitor: Fix auto-selection of time-grain for metrics.\n DataSources: Fixes issue with expressions not being queried.\n GraphNG: Fix thresholds by color not following data update.\n Jaeger: Update operations dropdown.\n Login: Fix mismatching label on auth_module in user list.\n Playlists: Save button now correctly creates a new playlist.\n RBAC: Fix migrations running in the wrong order causing\n inheritance problem in enterprise.\n ServiceAccounts: Add identifiable token prefix to service\n account tokens.\n Traces: Fix missing CopyButton on KeyValueTables and\n overlapping of panels.\n `setExploreQueryField`, `setExploreMetricsQueryField` and\n `setExploreLogsQueryField` are now deprecated and will be\n removed in a future release. If you need to set a different\n query editor for Explore, conditionally render based on\n `props.app` in your regular query editor.\n Chore: Remove react-testing-lib from bundles.\n Select: Portal menu by default.\n The `@grafana/ui` package helper function\n `selectOptionInTest` used in frontend tests has been removed\n as it caused testing libraries to be bundled in the\n production code of Grafana. If you were using this helper\n function in your tests please update your code accordingly:\n ```js\n // before\n import { selectOptionInTest } from \u0027@grafana/ui\u0027;\n // ...test usage\n await selectOptionInTest(selectEl, \u0027Option 2\u0027);\n // after\n import { select } from \u0027react-select-event\u0027;\n await select(selectEl, \u0027Option 2\u0027,\n { container: document.body });\n ```\n Removed deprecated `checkHealth` prop from the `@grafana/e2e`\n `addDataSource` config. Previously this value defaulted to\n `false`, and has not been used in end-to-end tests since\n Grafana 8.0.3.\n Removes the deprecated `LegacyBaseMap`, `LegacyValueMapping`,\n `LegacyValueMap`, and `LegacyRangeMap` types, and\n `getMappedValue` function from grafana-data. Migration is as\n follows:\n | Old | New |\n | -------------------- | ----------------------- |\n | `LegacyBaseMap` | `MappingType` |\n | `LegacyValueMapping` | `ValueMapping` |\n | `LegacyValueMap` | `ValueMap` |\n | `LegacyRangeMap` | `RangeMap` |\n | `getMappedValue` | `getValueMappingResult` |\n This change fixes a bug in Grafana where intermittent failure\n of database, network between Grafana and the database, or\n error in querying the database would cause all alert rules to\n be unscheduled in Grafana. Following this change scheduled\n alert rules are not updated unless the query is successful.\n The `get_alert_rules_duration_seconds` metric has been\n renamed to `schedule_query_alert_rules_duration_seconds`.\n Any secret (data sources credential, alert manager\n credential, etc, etc) created or modified with Grafana v9.0\n won\u0027t be decryptable from any previous version (by default)\n because the way encrypted secrets are stored into the\n database has changed. Although secrets created or modified\n with previous versions will still be decryptable by Grafana\n v9.0.\n If required, although generally discouraged, the\n `disableEnvelopeEncryption` feature toggle can be enabled to\n keep envelope encryption disabled once updating to Grafana\n In case of need to rollback to an earlier version of Grafana\n (i.e. Grafana v8.x) for any reason, after being created or\n modified any secret with Grafana v9.0, the\n `envelopeEncryption` feature toggle will need to be enabled\n to keep backwards compatibility (only from `v8.3.x` a bit\n unstable, from `8.5.x` stable).\n As a final attempt to deal with issues related with the\n aforementioned situations, the `grafana-cli admin\n secrets-migration rollback` command has been designed to\n move back all the Grafana secrets encrypted with envelope\n encryption to legacy encryption. So, after running that\n command it should be safe to disable envelope encryption\n and/or roll back to a previous version of Grafana.\n Alternatively or complementarily to all the points above,\n backing up the Grafana database before updating could be a\n good idea to prevent disasters (although the risk of getting\n some secrets corrupted only applies to those updates/created\n with after updating to Grafana v9.0).\n According to the dynamic labels documentation, you can use up\n to five dynamic values per label. There\u2019s currently no such\n restriction in the alias pattern system, so if more than 5\n patterns are being used the GetMetricData API will return an\n error.\n Dynamic labels only allow \\${LABEL} to be used once per\n query. There\u2019s no such restriction in the alias pattern\n system, so in case more than 1 is being used the\n GetMetricData API will return an error.\n When no alias is provided by the user, Grafana will no longer\n fallback with custom rules for naming the legend.\n In case a search expression is being used and no data is\n returned, Grafana will no longer expand dimension values, for\n instance when using a multi-valued template variable or star\n wildcard `*` in the dimension value field.\n Time series might be displayed in a different order. Using\n for example the dynamic label `${PROP(\u0027MetricName\u0027)}`, might\n have the consequence that the time series are returned in a\n different order compared to when the alias pattern\n `{{metric}}` is used\n In Elasticsearch, browser access mode was deprecated in\n grafana 7.4.0 and removed in 9.0.0. If you used this mode,\n please switch to server access mode on the datasource\n configuration page.\n Environment variables passed from Grafana to external Azure\n plugins have been renamed:\n `AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`\n `AZURE_MANAGED_IDENTITY_ENABLED` renamed to\n `GFAZPL_MANAGED_IDENTITY_ENABLED`\n `AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to\n `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`\n There are no known plugins which were relying on these\n variables. Moving forward plugins should read Azure settings\n only via Grafana Azure SDK which properly handles old and new\n environment variables.\n Removes support for for ElasticSearch versions after their\n end-of-life, currently versions \u003c 7.10.0. To continue to use\n ElasticSearch data source, upgrade ElasticSearch to version\n 7.10.0+.\n Application Insights and Insight Analytics queries in Azure\n Monitor were deprecated in Grafana 8.0 and finally removed in\n 9.0. Deprecated queries will no longer be executed.\n grafana/ui: Button now specifies a default type=\u0027button\u0027\n The `Button` component provided by @grafana/ui now specifies\n a default `type=\u0027button\u0027` when no type is provided.\n In previous versions, if the attribute was not specified for\n buttons associated with a `\u003cform\u003e` the default value was\n `submit` per the specification. You can preserve the old\n behavior by explicitly setting the type attribute:\n `\u003cButton type=\u0027submit\u0027 /\u003e`\n The `Rename by regex` transformation has been improved to\n allow global patterns of the form `/\u003cstringToReplace\u003e/g`.\n Depending on the regex match used, this may cause some\n transformations to behave slightly differently. You can\n guarantee the same behaviour as before by wrapping the\n `match` string in forward slashes (`/`), e.g. `(.*)` would\n become `/(.*)/`\n `\u003cSelect /\u003e` menus will now portal to the document body by\n default. This is to give more consistent behaviour when\n positioning and overlaying. If you were setting\n `menuShouldPortal={true}` before you can safely remove that\n prop and behaviour will be the same. If you weren\u0027t\n explicitly setting that prop, there should be no visible\n changes in behaviour but your tests may need updating. If you\n were setting `menuShouldPortal={false}` this will continue to\n prevent the menu from portalling.\n Grafana alerting endpoint prefixed with `api/v1/rule/test`\n that tests a rule against a Corte/Loki data source now\n expects the data source UID as a path parameter instead of\n the data source numeric identifier.\n Grafana alerting endpoints prefixed with `api/prometheus/`\n that proxy requests to a Cortex/Loki data source now expect\n the data source UID as a path parameter instead of the data\n source numeric identifier.\n Grafana alerting endpoints prefixed with `api/ruler/` that\n proxy requests to a Cortex/Loki data source now expect the\n data source UID as a path parameter instead of the data\n Grafana alerting endpoints prefixed with `api/alertmanager/`\n that proxy requests to an Alertmanager now expect the data\n source UID as a path parameter instead of the data source\n numeric identifier.\n The format of log messages have been updated, `lvl` is now\n `level` and `eror`and `dbug` has been replaced with `error`\n and `debug`. The precision of timestamps has been increased.\n To smooth the transition, it is possible to opt-out of the\n new log format by enabling the feature toggle `oldlog`.\n This option will be removed in a future minor release.\n In the Loki data source, the dataframe format used to\n represent Loki logs-data has been changed to a more efficient\n format. The query-result is represented by a single dataframe\n with a \u0027labels\u0027 column, instead of the separate dataframes\n for every labels-value. When displaying such data in explore,\n or in a logs-panel in the dashboard will continue to work\n without changes, but if the data was loaded into a different\n dashboard-panel, or Transforms were used, adjustments may be\n necessary. For example, if you used the \u0027labels to fields\u0027\n transformation with the logs data, please switch to the\n \u0027extract fields\u0027 transformation.\n- Update to version 8.5.22:\n * Fix XSS in Graphite functions tooltip\n (bsc#1209645, CVE-2023-1410)\n- Update to version 8.5.21:\n * Apply attribute sanitation to GeomapPanel\n (bsc#1208821, CVE-2023-0507)\n * Avoid storing XSS in TraceView panel\n (bsc#1208819, CVE-2023-0594)\n * Login: Fix panic when UpsertUser is called without ReqContext \n- Fix basic authentication bypass by updating the exporter toolkit\n to version 0.7.3 (bsc#1208065, CVE-2022-46146).\n- Require Go 1.19 or newer (bsc#1208293, CVE-2022-41723)\n- Update to version 8.5.20:\n * Security: SVG: Add dompurify preprocessor step\n (bsc#1207749, CVE-2022-23552)\n * Security: Snapshots: Fix originalUrl spoof security issue\n (bsc#1207750, CVE-2022-39324)\n * Security: Omit error from http response \n * Bug fix: Email and username trimming and invitation validation\n- Update to version 8.5.15 (jsc#PED-2617):\n * Security: Fix for privilege escalation\n (bsc#1205225, CVE-2022-39306)\n * Security: Omit error from http response when user does not\n exists (bsc#1205227, CVE-2022-39307)\n- Update to version 8.5.14:\n * Security: Fix do not forward login cookie in outgoing requests\n (bsc#1204303, CVE-2022-39201)\n * Security: Make proxy endpoints not leak sensitive HTTP headers\n (bsc#1204305, CVE-2022-31130)\n * Security: Fix plugin signature bypass (bsc#1204302, CVE-2022-31123)\n * Security: Fix blocknig other users from signing in (bsc#1204304,\n CVE-2022-39229)\n- Update to version 8.5.13 (jsc#PED-2145):\n + Features and enhancements:\n * Plugins: Expose emotion/react to plugins to prevent load\n failures\n + Bug fix:\n * AuthNZ: Security fixes for (bsc#1203596, CVE-2022-36062) and\n (bsc#1203597, CVE-2022-35957)\n- Update to version 8.5.11:\n * Rendering: Add support for renderer token\n * Alerting: AlertingProxy to elevate permissions for request\n forwarded to data proxy when RBAC enabled\n- Update to version 8.5.10\n + Bug fixes (8.5.10):\n * RBAC: Fix Anonymous Editors missing dashboard controls.\n #52649, @gamab\n + Bug fixes (8.5.9):\n * Security: Fixes for CVE-2022-31107 and CVE-2022-31097.\n #52238, @xlson\n + Bug fixes (8.5.6):\n * Dashboard: Fixes random scrolling on time range change.\n #50379, @torkelo\n * Security: Fixes minor code scanning security warnings in old\n vendored javascript libs. #50382, @torkelo\n + Features and enhancements (8.5.5):\n * Azure Monitor: Include datasource ref when interpolating\n variables. #49543, @kevinwcyu\n * CloudWatch: Add multi-value template variable support for log\n group names in logs query builder. #49737, @kevinwcyu\n * Cloudwatch: Add template variable query function for listing\n log groups. #50100, @yaelleC\n + Bug fixes (8.5.5):\n * Alerting: Do not overwrite existing alert rule condition.\n #49920, @gillesdemey\n * Alerting: Remove double quotes from matchers. #50044,\n @alexweav\n + Features and enhancements (8.5.4):\n * Alerting: Remove disabled flag for data source when migrating\n alerts. #48559, @yuri-tceretian\n * Alerting: Show notification tab of legacy alerting only to\n editor. #49624, @yuri-tceretian\n * Alerting: Update migration to migrate only alerts that belong\n to existing org\\dashboard. #49192, @yuri-tceretian\n * AzureMonitor: Do not quote variables when a custom \u0027All\u0027\n variable option is used. #49428, @andresmgot\n * AzureMonitor: Update allowed namespaces. #48468,\n @jcolladokuri\n * CloudMonitor: Correctly encode default project response.\n #49510, @aangelisc\n * Cloudwatch: Add support for new AWS/RDS EBS* metrics.\n #48798, @szymonpk\n * InfluxDB: Use backend for influxDB by default via feature\n toggle. #48453, @yesoreyeram\n * Legend: Use correct unit for percent and count calculations.\n #49004, @dprokop\n * LokI: use millisecond steps in Grafana 8.5.x. #48630, @gabor\n * Plugins: Introduce HTTP 207 Multi Status response to\n api/ds/query. #48550, @wbrowne\n * Transformations: Add an All Unique Values Reducer. #48653,\n @josiahg\n * Transformers: avoid error when the ExtractFields source field\n is missing. #49368, @wardbekker\n * [v8.5.x] Alerting: Update migration to migrate only alerts\n that belong to existing org\\dashboard. #49199, @grafanabot\n + Bug fixes (8.5.4):\n * Alerting: Allow disabling override timings for notification\n policies. #48648, @gillesdemey\n * Alerting: Allow serving images from custom url path. #49022,\n @gillesdemey\n * Alerting: Apply Custom Headers to datasource queries. #47860,\n @joeblubaugh\n * Alerting: Fix RBAC actions for notification policies. #49185,\n @yuri-tceretian\n * Alerting: Fix access to alerts for viewer with editor\n permissions when RBAC is disabled. #49270, @yuri-tceretian\n * Alerting: Fix anonymous access to alerting. #49203,\n * Alerting: correctly show all alerts in a folder. #48684,\n * AzureMonitor: Fixes metric definition for Azure Storage\n queue/file/blob/table resources. #49101, @aangelisc\n * Dashboard: Fix dashboard update permission check. #48746,\n @IevaVasiljeva\n * DashboardExport: Fix exporting and importing dashboards where\n query data source ended up as incorrect. #48410, @torkelo\n * FileUpload: clicking the Upload file button now opens their\n modal correctly. #48766, @ashharrison90\n * GrafanaUI: Fix color of links in error Tooltips in light\n theme. #49327, @joshhunt\n * LibraryPanels: Fix library panels not connecting properly in\n imported dashboards. #49161, @joshhunt\n * Loki: Improve unpack parser handling. #49074, @gabor\n * RolePicker: Fix menu position on smaller screens. #48429,\n @Clarity-89\n * TimeRange: Fixes updating time range from url and browser\n history. #48657, @torkelo\n * TimeSeries: Fix detection \u0026 rendering of sparse datapoints.\n #48841, @leeoniya\n * Timeseries: Fix outside range stale state. #49633, @ryantxu\n * Tooltip: Fix links not legible in Tooltips when using light\n theme. #48748, @joshhunt\n * Tooltip: Sort decimals using standard numeric compare.\n #49084, @dprokop\n * Transforms: Labels to fields, fix label picker layout.\n #49304, @torkelo\n * Variables: Fixes issue with data source variables not\n updating queries with variable. #49478, @torkelo\n * [v8.5.x] Alerting: Fix RBAC actions for notification policies\n (#49185). #49348, @yuri-tceretian\n * [v8.5.x] Alerting: Fix access to alerts for viewer with\n editor permissions when RBAC is disabled. #49427, @konrad147\n * [v8.5.x] Alerting: Fix anonymous access to alerting. #49268,\n + Breaking changes (8.5.4):\n For a data source query made via /api/ds/query:\n If the DatasourceQueryMultiStatus feature is enabled and\n The data source response has an error set as part of the\n DataResponse, the resulting HTTP status code is now 207\n Multi Status instead of 400 Bad gateway\n If the DatasourceQueryMultiStatus feature is not enabled and\n DataResponse, the resulting HTTP status code is 400 Bad\n Request (no breaking change)\n --\u003e Issue #48550\n + Bug fixes (8.5.3):\n * Security: fixes CVE-2022-29170. #49240, @xlson\n + Features and enhancements (8.5.2):\n * Alerting: Add safeguard for migrations that might cause\n dataloss. #48526, @JohnnyQQQQ\n * AzureMonitor: Add support for not equals and startsWith\n operators when creating Azure Metrics dimension filters.\n #48077, @aangelisc\n * Elasticsearch: Add deprecation notice for \u003c 7.10 versions.\n #48506, @ivanahuckova\n * Traces: Filter by service/span name and operation in Tempo\n and Jaeger. #48209, @joey-grafana\n + Bug fixes (8.5.2):\n * AzureAd Oauth: Fix strictMode to reject users without an\n assigned role. #48474, @kyschouv\n * CloudWatch: Fix variable query tag migration. #48587, @iwysiu\n * Plugins: Ensure catching all appropriate 4xx api/ds/query\n scenarios. #47565, @wbrowne\n + Bug fixes (8.5.1):\n * Azure Monitor: Fix space character encoding for metrics query\n link to Azure Portal. #48139, @kevinwcyu\n * CloudWatch: Prevent log groups from being removed on query\n change. #47994, @asimpson\n * Cloudwatch: Fix template variables in variable queries.\n #48140, @iwysiu\n * Explore: Prevent direct access to explore if disabled via\n feature toggle. #47714, @Elfo404\n * InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram\n * Navigation: Prevent navbar briefly showing on login. #47968,\n @ashharrison90\n * Plugins Catalog: Fix styling of hyperlinks. #48196, @marefr\n * Table: Fix filter crashes table. #48258, @zoltanbedi\n * TimeSeries: Properly stack series with missing datapoints.\n #48321, @leeoniya\n + Features and enhancements (8.5.0):\n * Alerting: Add contact points provisioning API. #47197,\n @JohnnyQQQQ\n * Alerting: Add resolved count to notification title when both\n firing and resolved present. #46697, @JacobsonMT\n * Alerting: Alert rule should wait For duration when execution\n error state is Alerting. #47052, @grobinson-grafana\n * Alerting: Classic conditions can now display multiple values.\n #46971, @gotjosh\n * Alerting: Display query from grafana-managed alert rules on\n /api/v1/rules. #45969, @gotjosh\n * Alerting: Enhance support for arbitrary group names in\n managed alerts. #47785, @gillesdemey\n * Alerting: add field for custom slack endpoint. #45751,\n @nathanrodman\n * Azure Monitor : Adding json formatting of error messages in\n Panel Header Corner and Inspect Error Tab. #44877, @yaelleC\n * Azure Monitor: Add 2 more Curated Dashboards for VM Insights.\n #45187, @jcolladokuri\n * CloudWatch: Handle new error codes for MetricInsights.\n #47033, @Gabrielopesantos\n * Dashboards: show changes in save dialog. #46557, @ryantxu\n * DataSource: Default data source is no longer a persisted\n state but just the default data source for new panels.\n #45132, @torkelo\n * DataSourcePlugin API: Allow queries import when changing data\n source type. #47435, @dprokop\n * Explore: Remove return to panel button. #45018, @gelicia\n * Explore: allow users to save Explore state to a new panel in\n a new dashboard. #45148, @Elfo404\n * Instrumentation: Proxy status code correction and various\n improvements. #47473, @marefr\n * Logging: Introduce feature toggle to activate gokit/log\n format. #47336, @ying-jeanne\n * NewsPanel: Add support for Atom feeds. #45390, @kaydelaney\n * Plugins: Add deprecation notice for /api/tsdb/query endpoint.\n #45238, @wbrowne\n * Plugins: Adding support for traceID field to accept\n variables. #45559, @vinisdl\n * PostgreSQL: __unixEpochGroup to support arithmetic expression\n as argument. #46764, @s0nik42\n * Profile/Help: Expose option to disable profile section and\n help menu. #46308, @cameronwaterman\n * Prometheus: Enable new visual query builder by default.\n #46634, @torkelo\n * SAML: Allow disabling of SAML signups. #47481, @mmandrus\n * SAML: Allow disabling of SAML signups. (Enterprise)\n * Table: New pagination option. #45732, @zoltanbedi\n * TablePanel: Add cell inspect option. #45620, @dprokop\n * Tempo / Trace Viewer: Support Span Links in Trace Viewer.\n #45632, @Shachi16\n * Tempo: Download span references in data inspector. #47074,\n @connorlindsey\n * Tempo: Separate trace to logs and loki search datasource\n config. #46655, @connorlindsey\n * Trace View: Show number of child spans. #44393, @tharun208\n * Transformations: Support escaped characters in key-value pair\n parsing. #47901, @aangelisc\n + Bug fixes (8.5.0):\n * Azure Monitor: Bug Fix for incorrect variable cascading for\n template variables. #47478, @jcolladokuri\n * CloudWatch: List all metrics properly in SQL autocomplete.\n #45898, @sunker\n * CloudWatch: Run query on blur in logs query field. #47454,\n @fridgepoet\n * Dashboard: Template variables are now correctly persisted\n when clicking breadcrumb links. #46790, @ashharrison90\n * DashboardPage: Remember scroll position when coming back\n panel edit / view panel. #47639, @torkelo\n * Panel Edit: Options search now works correctly when a\n logarithmic scale option is set. #47927, @ashharrison90\n * Postgres: Return tables with hyphenated schemes. #45754,\n @zuchka\n * Table panel: Fix horizontal scrolling when pagination is\n enabled. #47776, @dprokop\n * Variables: Ensure variables in query params are correctly\n recognised. #47049, @ashharrison90\n * Variables: Fix crash when changing query variable datasource.\n #44957, @joshhunt\n * Visualizations: Stack negative-valued series downwards.\n #47373, @leeoniya\n + Breaking changes (8.5.0):\n For a proxied request, e.g. Grafana\u0027s datasource or plugin\n proxy: If the request is cancelled, e.g. from the browser/by\n the client, the HTTP status code is now 499 Client closed\n request instead of 502 Bad gateway If the request times out,\n e.g. takes longer time than allowed, the HTTP status code is\n now 504 Gateway timeout instead of 502 Bad gateway. Issue\n #47473 The change in behavior is that negative-valued series\n are now stacked downwards from 0 (in their own stacks), rather\n than downwards from the top of the positive stacks. We now\n automatically group stacks by Draw style, Line interpolation,\n and Bar alignment, making it impossible to stack bars on top of\n lines, or smooth lines on top of stepped lines. Issue #47373\n The meaning of the default data source has now changed from\n being a persisted property in a panel. Before when you selected\n the default data source for a panel and later changed the\n default data source to another data source it would change all\n panels who were configured to use the default data source. From\n now on the default data source is just the default for new\n panels and changing the default will not impact any currently\n saved dashboards. Issue #45132 The Tooltip component provided\n by @grafana/ui is no longer automatically interactive (that is\n you can hover onto it and click a link or select text). It will\n from now on by default close automatically when you mouse out\n from the trigger element. To make tooltips behave like before\n set the new interactive property to true.\n + Deprecations (8.5.0):\n /api/tsdb/query API has been deprecated and will be removed in\n a future release. Use /api/ds/query instead. Issue #45238\n + Plugin development fixes \u0026 changes (8.5.0):\n * Card: Increase clickable area when meta items are present.\n #47935, @ashharrison90\n * Loki: Fix operator description propup from being shortened.\n #46575, @glintik\n * Tooltips: Make tooltips non interactive by default. #45053,\n @torkelo\n + Features and enhancements (8.4.7):\n * CloudWatch: Added missing MemoryDB Namespace metrics. #47290,\n @james-deee\n * Histogram Panel: Take decimal into consideration. #47330,\n @mdvictor\n * TimeSeries: Sort tooltip values based on raw values. #46738,\n @dprokop\n + Bug fixes (8.4.7):\n * API: Include userId, orgId, uname in request logging\n middleware. #47183, @marefr\n * Elasticsearch: Respect maxConcurrentShardRequests datasource\n setting. #47120, @alexandrst88\n + Features and enhancements (8.4.5):\n * Instrumentation: Make backend plugin metrics endpoints\n available with optional authentication. #46467, @marefr\n * Table panel: Show datalinks for cell display modes JSON View\n and Gauge derivates. #46020, @mdvictor\n + Bug fixes (8.4.5):\n * Azure Monitor: Small bug fixes for Resource Picker. #46665,\n @sarahzinger\n * Logger: Use specified format for file logger. #46970, @sakjur\n * Logs: Handle missing fields in dataframes better. #46963,\n @gabor\n * ManageDashboards: Fix error when deleting all dashboards from\n folder view. #46877, @joshhunt\n + Features and enhancements (8.4.4):\n * Loki: Add unpack to autocomplete suggestions (#44623).\n #46573, @glintik\n * Plugins: allow using both Function and Class components for\n app plugins. #46148, @leventebalogh\n * TimeSeries: Add migration for Graph panel\u0027s transform series\n override. #46577, @dprokop\n * TimeSeries: Preserve null/undefined values when performing\n negative y transform. #46584, @dprokop\n + Bug fixes (8.4.4):\n * CloudWatch: Use default http client from aws-sdk-go. #46370,\n @sunker\n * Dashboards: Fixes repeating by row and no refresh. #46565,\n * Gauge: Fixes blank viz when data link exists and orientation\n was horizontal. #46335, @torkelo\n * Search: sort results correctly when using postgres. #46466,\n @xlson\n * TagsInput: fix tags remove button accessibility issues.\n #46254, @Elfo404\n * TextPanel: Sanitize after markdown has been rendered to html.\n #46166, @ashharrison90\n + Features and enhancements (8.4.3):\n * Alerting: Grafana uses \u003e instead of \u003e= when checking the For\n duration. #46010\n * Alerting: Use expanded labels in dashboard annotations.\n #45726, @grobinson-grafana\n * Logs: Escape windows newline into single newline. #45771,\n @perosb\n + Bug fixes (8.4.3):\n * Alerting: Fix use of \u003e instead of \u003e= when checking the For\n duration. #46011, @grobinson-grafana\n * Azure Monitor: Fixes broken log queries that use workspace.\n #45820, @sunker\n * CloudWatch: Remove error message when using multi-valued\n template vars in region field. #45886, @sunker\n * Middleware: Fix IPv6 host parsing in CSRF check. #45911,\n @ying-jeanne\n + Plugin development fixes \u0026 changes (8.4.3):\n * ClipboardButton: Use a fallback when the Clipboard API is\n unavailable. #45831, @ashharrison90\n + Features and enhancements (8.4.2):\n * OAuth: Add setting to skip org assignment for external\n users. #34834, @baez90\n * Tracing: Add option to map tag names to log label names in\n trace to logs settings. #45178, @connorlindsey\n + Bug fixes (8.4.2):\n * Explore: Fix closing split pane when logs panel is\n used. #45602, @ifrost\n + Features and enhancements (8.4.1):\n * Cloudwatch: Add support for AWS/PrivateLink* metrics and\n dimensions. #45515, @szymonpk\n * Configuration: Add ability to customize okta login button\n name and icon. #44079, @DanCech\n * Tempo: Switch out Select with AsyncSelect component to get\n loading state in Tempo Search. #45110, @CatPerry\n + Bug fixes (8.4.1):\n * Alerting: Fix migrations by making send_alerts_to field\n nullable. #45572, @santihernandezc\n + Features and enhancements (8.4.0):\n * API: Extract OpenAPI specification from source code using\n go-swagger. #40528, @papagian\n * AccessControl: Disable user remove and user update roles when\n they do not have the permissions. #43429, @Jguer\n * AccessControl: Provisioning for teams. #43767, @gamab\n * API: Add usage stats preview endpoint. #43899, @Jguer\n * Alerting: Move slow queries in the scheduler to another\n goroutine. #44423, @grobinson-grafana\n * Alerting: Use time.Ticker instead of alerting.Ticker in\n ngalert. #44395, @grobinson-grafana\n * Alerting: add custom grouping to Alert Panel. #44559,\n * Analytics: Add user id tracking to google analytics.\n #42763, @autoric\n * Angular: Add AngularJS plugin support deprecation plan to\n docs site. #45149, @torkelo\n * Auth: implement auto_sign_up for auth.jwt. #43502, @sakjur\n * Azure Monitor Logs: Order subscriptions in resource picker by\n name. #45228, @sunker\n * Azure monitor Logs: Optimize data fetching in resource\n picker. #44549, @sunker\n * AzureMonitor: Filter list of resources by resourceType.\n #43522, @andresmgot\n * BarChart: color by field, x time field, bar radius, label\n skipping. #43257, @leeoniya\n * Chore: Implement OpenTelemetry in Grafana. #42674, @idafurjes\n * Cloud Monitoring: Adds metric type to Metric drop down\n options. #43268, @tw1nk\n * CloudWatch: Add Data Lifecycle Manager metrics and dimension.\n #43310, @ilyastoli\n * CloudWatch: Add Missing Elasticache Host-level metrics.\n #43455, @dhendo\n * CloudWatch: Add all ElastiCache Redis Metrics. #43336,\n @siavashs\n * CloudWatch: Add new AWS/ES metrics. #43034, @sunker\n * Cloudwatch: Add syntax highlighting and autocomplete for\n \u0027Metric Search\u0027. #43985, @sarahzinger\n * Explore: Support custom display label for exemplar links for\n Prometheus datasource. #42732, @JokerQueue\n * Hotkeys: Make time range absolute/permanent. #43802, @davkal\n * Playlists: Enable sharing direct links to playlists. #44161,\n * SQLStore: Prevent concurrent migrations. #44101, @papagian\n * SSE: Add Mode to drop NaN/Inf/Null in Reduction operations.\n #43583, @kylebrandt\n * Setting: Support configuring feature toggles with bools\n instead of just passing an array. #43326, @bergquist\n * TimeSeries: Add support for negative Y and constant\n transform. #44774, @dprokop\n * Transformations: Add \u0027JSON\u0027 field type to\n ConvertFieldTypeTransformer. #42624, @sd2k\n + Bug fixes (8.4.0):\n * Auth: Guarantee consistency of signed SigV4 headers.\n #45054, @wbrowne\n * CloudWatch: Fix MetricName resetting on Namespace change.\n #44165, @yaelleC\n * Cloudwatch : Fixed reseting metric name when changing\n namespace in Metric Query. #44612, @yaelleC\n * Explore: Avoid locking timepicker when range is inverted.\n #44790, @Elfo404\n * Instrumentation: Fix HTTP request instrumentation of\n authentication failures. #44234, @marefr\n * LibraryPanels: Prevent long descriptions and names from\n obscuring the delete button. #45190, @zuchka\n * OAuth: Fix parsing of ID token if header contains non-string\n value. #44159, @marefr\n * Panel Edit: Visualization search now works correctly with\n special characters. #45137, @ashharrison90\n * Provisioning: Fix duplicate validation when multiple\n organizations have been configured. #44151, @marefr\n * QueryField: Fix issue with undo history when suggestion is\n inserted (#28656). #39114, @glintik\n * TablePanel: Do not prefix columns with frame name if multiple\n frames and override active. #45174, @mdvictor\n + Deprecations (8.4.0):\n AngularJS plugin support is now in a deprecated state, meaning\n it will be removed in a future release. Currently, that is\n planned for version 10 (in 2023). The documentation site has an\n article with more details on why, when, and how. Issue #45149\n- Update to version 8.3.10\n + Security:\n * Fixes XSS vulnerability in the Unified Alerting\n (bsc#1201535, CVE-2022-31097)\n * Fixes OAuth account takeover vulnerability\n (bsc#1201539, CVE-2022-31107)\n- Update to version 8.3.9\n + Bug fixes:\n * Geomap: Display legend\n * Prometheus: Fix timestamp truncation\n- Update to version 8.3.7\n * Provisioning: Ensure that the default value for orgID is set\n when provisioning datasources to be deleted.\n- Update to version 8.3.6\n * Cloud Monitoring: Reduce request size when listing labels.\n * Explore: Show scalar data result in a table instead of graph.\n * Snapshots: Updates the default external snapshot server URL.\n * Table: Makes footer not overlap table content.\n * Tempo: Add request histogram to service graph datalink.\n * Tempo: Add time range to tempo search query behind a feature flag.\n * Tempo: Auto-clear results when changing query type.\n * Tempo: Display start time in search results as relative time.\n * CloudMonitoring: Fix resource labels in query editor.\n * Cursor sync: Apply the settings without saving the dashboard.\n * LibraryPanels: Fix for Error while cleaning library panels.\n * Logs Panel: Fix timestamp parsing for string dates without timezone.\n * Prometheus: Fix some of the alerting queries that use reduce/math operation.\n * TablePanel: Fix ad-hoc variables not working on default datasources.\n * Text Panel: Fix alignment of elements.\n * Variables: Fix for constant variables in self referencing links.\n- Update _constraints to require at least 5GB, because with less we\n can\u0027t build it.\n- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422,\n jsc#SLE-24565)\n + Security: Fixes CVE-2021-43813 and CVE-2021-43815,\n bsc#1193686.\n + Security: Fixes CVE-2021-43798, bsc#1193492.\n + Security: Fixes CVE-2021-41244, bsc#1192763.\n + Security: Fixes CVE-2021-41174, bsc#1192383.\n fix CVE-2021-3711, bsc#1189520.\n * Security: Update dependencies to fix CVE-2021-36222,\n bsc#1188571.\n\nmgr-push:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.6-1\n * Remove unused makefiles\n- Version 4.4.5-1\n * Use http to connect to localhost server\n * Use bundle CA certificate in rhnpush\n- Version 4.4.4-1\n * remove pylint check at build time\n- Version 4.4.3-1\n * Ensure installation of make for building\n- Version 4.4.2-1\n * Update translation strings\n- Version 4.4.1-1\n * Bump version to 4.4.0\n\nprometheus-blackbox_exporter:\n\n- Use obscpio for go modules service\n- Set version number\n- Set build date from SOURCE_DATE_EPOCH\n- Update to 0.24.0 (bsc#1212279, jsc#PED-4556)\n * Requires go1.19\n- Drop:\n- Avoid empty validation script\n- Add rc symlink for backwards compatibility\n- Fix authentication bypass via cache poisoning\n (CVE-2022-46146, bsc#1208062)\n- Add `min_version` parameter of `tls_config` to allow enabling\n TLS 1.0 and 1.1 (bsc#1209113)\n- On SUSE Linux Enterprise build always with Go \u003e= 1.19 (bsc#1203599)\n- Build with go1.18 only for SLE-15-SP3 and \n build with \u003e= go1.19 on higher SP (bsc#1203599)\n- Require go1.18 (bsc#1203599, GH#19127)\n- Exclude s390 arch\n- Fix %pre section to avoid empty content\n- Updated to allow building on older rpmbuild.\n- Enhanced to build on Enterprise Linux 8\n\nprometheus-postgres_exporter:\n\n- CVE-2022-46146: Fix authentication bypass via cache poisoning (bsc#1208060)\n- Remove duplicated call to systemd requirements\n- Do not build debug if RHEL \u003e= 8\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Build at least with with Go \u003e= 1.18 on RHEL\n- Build with Go \u003e= 1.20 elsewhere\n- Adapt the systemd service security configuration\n to be able to start it on RHEL systems and clones\n- Create the prometheus user for RHEL systems and clones\n- Fix _service to pull correct version\n- Use go_modules source service\n- Upgrade to version 0.10.1:\n * Fix broken log-level for values other than debug (bsc#1208965)\n- Version/release lines above first usage of those macros.\n gh#uyuni-project/uyuni#5418\n- Prevent empty %pre section\n- Exclude s390 builds \n- Updated for RHEL8.\n\npython-hwdata:\n\n- Declare the LICENSE file as license and not doc\n\npython-pyvmomi:\n\n- Preparing submission to SUSE:SLE-15-SP3:Update as part of ECO PED-3623.\n\nrhnlib:\n\n- Version 5.0.1-1\n * Specify a packager for Debian like distros\n- Version 4.4.6-1\n * Remove unused makefiles\n- Version 4.4.5-1\n * Use bundle CA certificate in rhnpush\n- Version 4.4.4-1\n * Only use TLSv1+ for SSL connections\n- Version 4.4.3-1\n * Ensure installation of make for building\n- Version 4.4.2-1\n * Don\u0027t get stuck at the end of SSL transfers (bsc#1204032)\n- Version 4.4.1-1\n * Bump version to 4.4.0\n\nspacecmd:\n\n- Version 5.0.1-1\n * Use localhost without ssl when running on the server\n- Version 4.4.10-1\n * Update translation strings\n- Version 4.4.9-1\n- Version 4.4.8-1\n * Add spacecmd function: cryptokey_update\n * Bypass traditional systems check on older SUMA instances (bsc#1208612)\n * fix argument parsing of distribution_update (bsc#1210458)\n- Version 4.4.7-1\n * remove pylint check at build time\n * Display activation key details after executing the corresponding command (bsc#1208719)\n * Show targetted packages before actually removing them (bsc#1207830)\n- Version 4.4.6-1\n * Fix spacecmd not showing any output for softwarechannel_diff \n and softwarechannel_errata_diff (bsc#1207352)\n- Version 4.4.5-1\n * Prevent string api parameters to be parsed as dates if not in\n ISO-8601 format (bsc#1205759)\n * Add python-dateutil dependency, required to process date values in\n spacecmd api calls\n * Remove python3-simplejson dependency\n- Version 4.4.4-1\n * Correctly understand \u0027ssm\u0027 keyword on scap scheduling\n * Add vendor_advisory information to errata_details call (bsc#1205207)\n * Change default port of \u0027Containerized Proxy configuration\u0027 8022\n- Version 4.4.3-1\n * Added two missing options to schedule product migration: allow-vendor-change\n and remove-products-without-successor (bsc#1204126)\n * Changed schedule product migration to use the correct API method\n * Fix dict_keys not supporting indexing in systems_setconfigchannelorger\n * Added a warning message for traditional stack deprecation\n * Remove \u0027Undefined return code\u0027 from debug messages (bsc#1203283)\n- Version 4.4.2-1\n * Stop always showing help for valid proxy_container_config calls\n- Version 4.4.1-1\n * Process date values in spacecmd api calls (bsc#1198903)\n * Improve Proxy FQDN hint message\n- Version 4.3.14-1\n * Fix missing argument on system_listmigrationtargets (bsc#1201003)\n * Show correct help on calling kickstart_importjson with no arguments\n * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)\n * Change proxy container config default filename to end with tar.gz\n- Version 4.3.13-1\n- Version 4.3.12-1\n- Version 4.3.11-1\n * on full system update call schedulePackageUpdate API (bsc#1197507)\n\nspacewalk-client-tools:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.7-1\n * Remove unused and deprecated/removed platform.dist import.\n- Version 4.4.6-1\n * Update translation strings\n * Tito requires to list the package source as %{name}-%{version}.tar.gz\n- Version 4.4.5-1\n * remove mgr-virtualization usage\n * remove dependency to suseRegisterInfo\n- Version 4.4.4-1\n- Version 4.4.3-1\n- Version 4.4.2-1\n- Version 4.4.1-1\n- Version 4.3.11-1\n- Version 4.3.10-1\n\nsupportutils-plugin-salt:\n\n- Update to version 1.2.2\n * Remove possible passwords from Salt configuration files (bsc#1201059)\n- Update to version 1.2.1\n * Remove ERROR messages on Salt client systems\n- Declare the LICENSE file as license and not doc\n- Update to version 1.2.0\n * Add support for Salt Bundle\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.2-1\n * write configured crypto-policy in supportconfig\n * add cloud and payg checks\n- Version 4.4.1-1\n * Bump version to 4.4.0\n- Version 4.3.2-1\n * Add proxy containers config and logs\n\nuyuni-common-libs:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.4-1\n * Workaround for python3-debian bug about collecting control file (bsc#1211525, bsc#1208692)\n * Accept missing rhn.conf file\n * Use context manager for apache users in fileutils.py.\n- Version 4.4.3-1\n * Ensure installation of make for building.\n * Use versioned Python during packaging.\n- Version 4.4.2-1\n * unify user notification code on java side\n- Version 4.4.1-1\n * Do not allow creating path if nonexistent user or group in fileutils.\n- Version 4.3.5-1\n * Fix reposync issue about \u0027rpm.hdr\u0027 object has no attribute \u0027get\u0027\n\nuyuni-proxy-systemd-services:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.2-1\n * Fix script for allowing using container images from different registry paths\n * Allow using container images from different registry paths\n- Version 4.4.1-1\n * Expose /etc/sysconfig/proxy variables to container services (bsc#1202945)\n- Version 4.3.6-1\n * Expose port 80 (bsc#1200142)\n * Use volumes rather than bind mounts\n * TFTPD to listen on udp port (bsc#1200968)\n * Add TAG variable in configuration \n- Version 4.3.5-1\n * Fix containers namespaces in configuration\n- Version 4.3.4-1\n * Rename container_images_path specfile macro to less generic one\n- Version 4.3.3-1\n * Default to SUSE Manager images only when installed from SUSE Manager\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-196,SUSE-SLE-Manager-Tools-15-BETA-2024-196,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-196",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0196-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0196-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240196-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0196-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html"
},
{
"category": "self",
"summary": "SUSE Bug 1172110",
"url": "https://bugzilla.suse.com/1172110"
},
{
"category": "self",
"summary": "SUSE Bug 1176460",
"url": "https://bugzilla.suse.com/1176460"
},
{
"category": "self",
"summary": "SUSE Bug 1180816",
"url": "https://bugzilla.suse.com/1180816"
},
{
"category": "self",
"summary": "SUSE Bug 1180942",
"url": "https://bugzilla.suse.com/1180942"
},
{
"category": "self",
"summary": "SUSE Bug 1181119",
"url": "https://bugzilla.suse.com/1181119"
},
{
"category": "self",
"summary": "SUSE Bug 1181935",
"url": "https://bugzilla.suse.com/1181935"
},
{
"category": "self",
"summary": "SUSE Bug 1183684",
"url": "https://bugzilla.suse.com/1183684"
},
{
"category": "self",
"summary": "SUSE Bug 1187725",
"url": "https://bugzilla.suse.com/1187725"
},
{
"category": "self",
"summary": "SUSE Bug 1188061",
"url": "https://bugzilla.suse.com/1188061"
},
{
"category": "self",
"summary": "SUSE Bug 1188571",
"url": "https://bugzilla.suse.com/1188571"
},
{
"category": "self",
"summary": "SUSE Bug 1189520",
"url": "https://bugzilla.suse.com/1189520"
},
{
"category": "self",
"summary": "SUSE Bug 1191454",
"url": "https://bugzilla.suse.com/1191454"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192383",
"url": "https://bugzilla.suse.com/1192383"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1192763",
"url": "https://bugzilla.suse.com/1192763"
},
{
"category": "self",
"summary": "SUSE Bug 1193492",
"url": "https://bugzilla.suse.com/1193492"
},
{
"category": "self",
"summary": "SUSE Bug 1193686",
"url": "https://bugzilla.suse.com/1193686"
},
{
"category": "self",
"summary": "SUSE Bug 1193688",
"url": "https://bugzilla.suse.com/1193688"
},
{
"category": "self",
"summary": "SUSE Bug 1197507",
"url": "https://bugzilla.suse.com/1197507"
},
{
"category": "self",
"summary": "SUSE Bug 1198903",
"url": "https://bugzilla.suse.com/1198903"
},
{
"category": "self",
"summary": "SUSE Bug 1199810",
"url": "https://bugzilla.suse.com/1199810"
},
{
"category": "self",
"summary": "SUSE Bug 1200142",
"url": "https://bugzilla.suse.com/1200142"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1200591",
"url": "https://bugzilla.suse.com/1200591"
},
{
"category": "self",
"summary": "SUSE Bug 1200968",
"url": "https://bugzilla.suse.com/1200968"
},
{
"category": "self",
"summary": "SUSE Bug 1200970",
"url": "https://bugzilla.suse.com/1200970"
},
{
"category": "self",
"summary": "SUSE Bug 1201003",
"url": "https://bugzilla.suse.com/1201003"
},
{
"category": "self",
"summary": "SUSE Bug 1201059",
"url": "https://bugzilla.suse.com/1201059"
},
{
"category": "self",
"summary": "SUSE Bug 1201535",
"url": "https://bugzilla.suse.com/1201535"
},
{
"category": "self",
"summary": "SUSE Bug 1201539",
"url": "https://bugzilla.suse.com/1201539"
},
{
"category": "self",
"summary": "SUSE Bug 1202614",
"url": "https://bugzilla.suse.com/1202614"
},
{
"category": "self",
"summary": "SUSE Bug 1202945",
"url": "https://bugzilla.suse.com/1202945"
},
{
"category": "self",
"summary": "SUSE Bug 1203283",
"url": "https://bugzilla.suse.com/1203283"
},
{
"category": "self",
"summary": "SUSE Bug 1203596",
"url": "https://bugzilla.suse.com/1203596"
},
{
"category": "self",
"summary": "SUSE Bug 1203597",
"url": "https://bugzilla.suse.com/1203597"
},
{
"category": "self",
"summary": "SUSE Bug 1203599",
"url": "https://bugzilla.suse.com/1203599"
},
{
"category": "self",
"summary": "SUSE Bug 1204032",
"url": "https://bugzilla.suse.com/1204032"
},
{
"category": "self",
"summary": "SUSE Bug 1204126",
"url": "https://bugzilla.suse.com/1204126"
},
{
"category": "self",
"summary": "SUSE Bug 1204302",
"url": "https://bugzilla.suse.com/1204302"
},
{
"category": "self",
"summary": "SUSE Bug 1204303",
"url": "https://bugzilla.suse.com/1204303"
},
{
"category": "self",
"summary": "SUSE Bug 1204304",
"url": "https://bugzilla.suse.com/1204304"
},
{
"category": "self",
"summary": "SUSE Bug 1204305",
"url": "https://bugzilla.suse.com/1204305"
},
{
"category": "self",
"summary": "SUSE Bug 1204501",
"url": "https://bugzilla.suse.com/1204501"
},
{
"category": "self",
"summary": "SUSE Bug 1205207",
"url": "https://bugzilla.suse.com/1205207"
},
{
"category": "self",
"summary": "SUSE Bug 1205225",
"url": "https://bugzilla.suse.com/1205225"
},
{
"category": "self",
"summary": "SUSE Bug 1205227",
"url": "https://bugzilla.suse.com/1205227"
},
{
"category": "self",
"summary": "SUSE Bug 1205599",
"url": "https://bugzilla.suse.com/1205599"
},
{
"category": "self",
"summary": "SUSE Bug 1205759",
"url": "https://bugzilla.suse.com/1205759"
},
{
"category": "self",
"summary": "SUSE Bug 1207352",
"url": "https://bugzilla.suse.com/1207352"
},
{
"category": "self",
"summary": "SUSE Bug 1207749",
"url": "https://bugzilla.suse.com/1207749"
},
{
"category": "self",
"summary": "SUSE Bug 1207750",
"url": "https://bugzilla.suse.com/1207750"
},
{
"category": "self",
"summary": "SUSE Bug 1207830",
"url": "https://bugzilla.suse.com/1207830"
},
{
"category": "self",
"summary": "SUSE Bug 1208046",
"url": "https://bugzilla.suse.com/1208046"
},
{
"category": "self",
"summary": "SUSE Bug 1208049",
"url": "https://bugzilla.suse.com/1208049"
},
{
"category": "self",
"summary": "SUSE Bug 1208060",
"url": "https://bugzilla.suse.com/1208060"
},
{
"category": "self",
"summary": "SUSE Bug 1208062",
"url": "https://bugzilla.suse.com/1208062"
},
{
"category": "self",
"summary": "SUSE Bug 1208065",
"url": "https://bugzilla.suse.com/1208065"
},
{
"category": "self",
"summary": "SUSE Bug 1208270",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "self",
"summary": "SUSE Bug 1208293",
"url": "https://bugzilla.suse.com/1208293"
},
{
"category": "self",
"summary": "SUSE Bug 1208298",
"url": "https://bugzilla.suse.com/1208298"
},
{
"category": "self",
"summary": "SUSE Bug 1208612",
"url": "https://bugzilla.suse.com/1208612"
},
{
"category": "self",
"summary": "SUSE Bug 1208692",
"url": "https://bugzilla.suse.com/1208692"
},
{
"category": "self",
"summary": "SUSE Bug 1208719",
"url": "https://bugzilla.suse.com/1208719"
},
{
"category": "self",
"summary": "SUSE Bug 1208819",
"url": "https://bugzilla.suse.com/1208819"
},
{
"category": "self",
"summary": "SUSE Bug 1208821",
"url": "https://bugzilla.suse.com/1208821"
},
{
"category": "self",
"summary": "SUSE Bug 1208965",
"url": "https://bugzilla.suse.com/1208965"
},
{
"category": "self",
"summary": "SUSE Bug 1209113",
"url": "https://bugzilla.suse.com/1209113"
},
{
"category": "self",
"summary": "SUSE Bug 1209645",
"url": "https://bugzilla.suse.com/1209645"
},
{
"category": "self",
"summary": "SUSE Bug 1210458",
"url": "https://bugzilla.suse.com/1210458"
},
{
"category": "self",
"summary": "SUSE Bug 1210640",
"url": "https://bugzilla.suse.com/1210640"
},
{
"category": "self",
"summary": "SUSE Bug 1210907",
"url": "https://bugzilla.suse.com/1210907"
},
{
"category": "self",
"summary": "SUSE Bug 1211525",
"url": "https://bugzilla.suse.com/1211525"
},
{
"category": "self",
"summary": "SUSE Bug 1212099",
"url": "https://bugzilla.suse.com/1212099"
},
{
"category": "self",
"summary": "SUSE Bug 1212100",
"url": "https://bugzilla.suse.com/1212100"
},
{
"category": "self",
"summary": "SUSE Bug 1212279",
"url": "https://bugzilla.suse.com/1212279"
},
{
"category": "self",
"summary": "SUSE Bug 1212641",
"url": "https://bugzilla.suse.com/1212641"
},
{
"category": "self",
"summary": "SUSE Bug 1218843",
"url": "https://bugzilla.suse.com/1218843"
},
{
"category": "self",
"summary": "SUSE Bug 1218844",
"url": "https://bugzilla.suse.com/1218844"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20178 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20180 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20191 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20228 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3447 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3583 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3620 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-36222 page",
"url": "https://www.suse.com/security/cve/CVE-2021-36222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3711 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41174 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41244 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43798 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43813 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43815 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23552 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29170 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31107 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31123 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31130 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39201 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39229 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39306 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39307 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39324 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41723 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0507 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0594 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1387 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1410 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2183 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2801 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3128 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3128/"
}
],
"title": "Security Beta update for SUSE Manager Client Tools and Salt",
"tracking": {
"current_release_date": "2024-01-23T15:20:05Z",
"generator": {
"date": "2024-01-23T15:20:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0196-1",
"initial_release_date": "2024-01-23T15:20:05Z",
"revision_history": [
{
"date": "2024-01-23T15:20:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-159000.4.24.1.aarch64",
"product": {
"name": "grafana-9.5.8-159000.4.24.1.aarch64",
"product_id": "grafana-9.5.8-159000.4.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"product_id": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"product_id": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"product": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"product_id": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-159000.3.6.1.aarch64",
"product": {
"name": "python3-yarl-1.3.0-159000.3.6.1.aarch64",
"product_id": "python3-yarl-1.3.0-159000.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-159000.3.18.1.aarch64",
"product": {
"name": "uyuni-base-common-5.0.1-159000.3.18.1.aarch64",
"product_id": "uyuni-base-common-5.0.1-159000.3.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.aarch64",
"product": {
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.aarch64",
"product_id": "uyuni-base-proxy-5.0.1-159000.3.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.1-159000.3.18.1.aarch64",
"product": {
"name": "uyuni-base-server-5.0.1-159000.3.18.1.aarch64",
"product_id": "uyuni-base-server-5.0.1-159000.3.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-159000.3.9.1.aarch64",
"product": {
"name": "wire-0.5.0-159000.3.9.1.aarch64",
"product_id": "wire-0.5.0-159000.3.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-2.9.27-159000.3.9.1.noarch",
"product": {
"name": "ansible-2.9.27-159000.3.9.1.noarch",
"product_id": "ansible-2.9.27-159000.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "ansible-doc-2.9.27-159000.3.9.1.noarch",
"product": {
"name": "ansible-doc-2.9.27-159000.3.9.1.noarch",
"product_id": "ansible-doc-2.9.27-159000.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "ansible-test-2.9.27-159000.3.9.1.noarch",
"product": {
"name": "ansible-test-2.9.27-159000.3.9.1.noarch",
"product_id": "ansible-test-2.9.27-159000.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"product": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"product_id": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch"
}
},
{
"category": "product_version",
"name": "mgr-push-5.0.1-159000.4.21.1.noarch",
"product": {
"name": "mgr-push-5.0.1-159000.4.21.1.noarch",
"product_id": "mgr-push-5.0.1-159000.4.21.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-hwdata-2.3.5-159000.5.13.1.noarch",
"product": {
"name": "python2-hwdata-2.3.5-159000.5.13.1.noarch",
"product_id": "python2-hwdata-2.3.5-159000.5.13.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-pyvmomi-6.7.3-159000.3.6.1.noarch",
"product": {
"name": "python2-pyvmomi-6.7.3-159000.3.6.1.noarch",
"product_id": "python2-pyvmomi-6.7.3-159000.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-hwdata-2.3.5-159000.5.13.1.noarch",
"product": {
"name": "python3-hwdata-2.3.5-159000.5.13.1.noarch",
"product_id": "python3-hwdata-2.3.5-159000.5.13.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"product": {
"name": "python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"product_id": "python3-mgr-push-5.0.1-159000.4.21.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"product": {
"name": "python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"product_id": "python3-pyvmomi-6.7.3-159000.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"product": {
"name": "python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"product_id": "python3-rhnlib-5.0.1-159000.6.30.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"product": {
"name": "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"product_id": "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"product": {
"name": "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"product_id": "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"product": {
"name": "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"product_id": "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.1-159000.6.42.1.noarch",
"product": {
"name": "spacecmd-5.0.1-159000.6.42.1.noarch",
"product_id": "spacecmd-5.0.1-159000.6.42.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-5.0.1-159000.6.48.1.noarch",
"product": {
"name": "spacewalk-check-5.0.1-159000.6.48.1.noarch",
"product_id": "spacewalk-check-5.0.1-159000.6.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"product": {
"name": "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"product_id": "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"product": {
"name": "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"product_id": "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"product": {
"name": "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"product_id": "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch"
}
},
{
"category": "product_version",
"name": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"product": {
"name": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"product_id": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-159000.4.24.1.ppc64le",
"product": {
"name": "grafana-9.5.8-159000.4.24.1.ppc64le",
"product_id": "grafana-9.5.8-159000.4.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"product_id": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"product_id": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"product": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"product_id": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-159000.3.6.1.ppc64le",
"product": {
"name": "python3-yarl-1.3.0-159000.3.6.1.ppc64le",
"product_id": "python3-yarl-1.3.0-159000.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-159000.3.18.1.ppc64le",
"product": {
"name": "uyuni-base-common-5.0.1-159000.3.18.1.ppc64le",
"product_id": "uyuni-base-common-5.0.1-159000.3.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.ppc64le",
"product": {
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.ppc64le",
"product_id": "uyuni-base-proxy-5.0.1-159000.3.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.1-159000.3.18.1.ppc64le",
"product": {
"name": "uyuni-base-server-5.0.1-159000.3.18.1.ppc64le",
"product_id": "uyuni-base-server-5.0.1-159000.3.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-159000.3.9.1.ppc64le",
"product": {
"name": "wire-0.5.0-159000.3.9.1.ppc64le",
"product_id": "wire-0.5.0-159000.3.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-159000.6.33.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"product_id": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-159000.4.24.1.s390x",
"product": {
"name": "grafana-9.5.8-159000.4.24.1.s390x",
"product_id": "grafana-9.5.8-159000.4.24.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"product_id": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"product_id": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"product": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"product_id": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-159000.3.6.1.s390x",
"product": {
"name": "python3-yarl-1.3.0-159000.3.6.1.s390x",
"product_id": "python3-yarl-1.3.0-159000.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-159000.3.18.1.s390x",
"product": {
"name": "uyuni-base-common-5.0.1-159000.3.18.1.s390x",
"product_id": "uyuni-base-common-5.0.1-159000.3.18.1.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.s390x",
"product": {
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.s390x",
"product_id": "uyuni-base-proxy-5.0.1-159000.3.18.1.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.1-159000.3.18.1.s390x",
"product": {
"name": "uyuni-base-server-5.0.1-159000.3.18.1.s390x",
"product_id": "uyuni-base-server-5.0.1-159000.3.18.1.s390x"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-159000.3.9.1.s390x",
"product": {
"name": "wire-0.5.0-159000.3.9.1.s390x",
"product_id": "wire-0.5.0-159000.3.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-159000.4.24.1.x86_64",
"product": {
"name": "grafana-9.5.8-159000.4.24.1.x86_64",
"product_id": "grafana-9.5.8-159000.4.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"product_id": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"product_id": "python2-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"product": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"product_id": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-yarl-1.3.0-159000.3.6.1.x86_64",
"product": {
"name": "python3-yarl-1.3.0-159000.3.6.1.x86_64",
"product_id": "python3-yarl-1.3.0-159000.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-159000.3.18.1.x86_64",
"product": {
"name": "uyuni-base-common-5.0.1-159000.3.18.1.x86_64",
"product_id": "uyuni-base-common-5.0.1-159000.3.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.x86_64",
"product": {
"name": "uyuni-base-proxy-5.0.1-159000.3.18.1.x86_64",
"product_id": "uyuni-base-proxy-5.0.1-159000.3.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.1-159000.3.18.1.x86_64",
"product": {
"name": "uyuni-base-server-5.0.1-159000.3.18.1.x86_64",
"product_id": "uyuni-base-server-5.0.1-159000.3.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-159000.3.9.1.x86_64",
"product": {
"name": "wire-0.5.0-159000.3.9.1.x86_64",
"product_id": "wire-0.5.0-159000.3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15-BETA",
"product": {
"name": "SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools Beta for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-beta-micro:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-2.9.27-159000.3.9.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch"
},
"product_reference": "ansible-2.9.27-159000.3.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-doc-2.9.27-159000.3.9.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch"
},
"product_reference": "ansible-doc-2.9.27-159000.3.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch"
},
"product_reference": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-159000.4.24.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64"
},
"product_reference": "grafana-9.5.8-159000.4.24.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-159000.4.24.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le"
},
"product_reference": "grafana-9.5.8-159000.4.24.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-159000.4.24.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x"
},
"product_reference": "grafana-9.5.8-159000.4.24.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-159000.4.24.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64"
},
"product_reference": "grafana-9.5.8-159000.4.24.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.0.1-159000.4.21.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch"
},
"product_reference": "mgr-push-5.0.1-159000.4.21.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-hwdata-2.3.5-159000.5.13.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch"
},
"product_reference": "python3-hwdata-2.3.5-159000.5.13.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-push-5.0.1-159000.4.21.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch"
},
"product_reference": "python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyvmomi-6.7.3-159000.3.6.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch"
},
"product_reference": "python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rhnlib-5.0.1-159000.6.30.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch"
},
"product_reference": "python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch"
},
"product_reference": "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch"
},
"product_reference": "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch"
},
"product_reference": "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64"
},
"product_reference": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le"
},
"product_reference": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x"
},
"product_reference": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64"
},
"product_reference": "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.1-159000.6.42.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch"
},
"product_reference": "spacecmd-5.0.1-159000.6.42.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch"
},
"product_reference": "spacewalk-check-5.0.1-159000.6.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch"
},
"product_reference": "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch"
},
"product_reference": "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch"
},
"product_reference": "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
},
"product_reference": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch"
},
"product_reference": "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
},
"product_reference": "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-20178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20178"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20178",
"url": "https://www.suse.com/security/cve/CVE-2021-20178"
},
{
"category": "external",
"summary": "SUSE Bug 1180816 for CVE-2021-20178",
"url": "https://bugzilla.suse.com/1180816"
},
{
"category": "external",
"summary": "SUSE Bug 1186493 for CVE-2021-20178",
"url": "https://bugzilla.suse.com/1186493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-20178"
},
{
"cve": "CVE-2021-20180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20180"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20180",
"url": "https://www.suse.com/security/cve/CVE-2021-20180"
},
{
"category": "external",
"summary": "SUSE Bug 1180942 for CVE-2021-20180",
"url": "https://bugzilla.suse.com/1180942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-20180"
},
{
"cve": "CVE-2021-20191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20191"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20191",
"url": "https://www.suse.com/security/cve/CVE-2021-20191"
},
{
"category": "external",
"summary": "SUSE Bug 1181119 for CVE-2021-20191",
"url": "https://bugzilla.suse.com/1181119"
},
{
"category": "external",
"summary": "SUSE Bug 1181935 for CVE-2021-20191",
"url": "https://bugzilla.suse.com/1181935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-20191"
},
{
"cve": "CVE-2021-20228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20228"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20228",
"url": "https://www.suse.com/security/cve/CVE-2021-20228"
},
{
"category": "external",
"summary": "SUSE Bug 1181935 for CVE-2021-20228",
"url": "https://bugzilla.suse.com/1181935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-20228"
},
{
"cve": "CVE-2021-3447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3447"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3447",
"url": "https://www.suse.com/security/cve/CVE-2021-3447"
},
{
"category": "external",
"summary": "SUSE Bug 1183684 for CVE-2021-3447",
"url": "https://bugzilla.suse.com/1183684"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-3447"
},
{
"cve": "CVE-2021-3583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3583"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Ansible, where a user\u0027s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3583",
"url": "https://www.suse.com/security/cve/CVE-2021-3583"
},
{
"category": "external",
"summary": "SUSE Bug 1188061 for CVE-2021-3583",
"url": "https://bugzilla.suse.com/1188061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-3583"
},
{
"cve": "CVE-2021-3620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3620"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Ansible Engine\u0027s ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3620",
"url": "https://www.suse.com/security/cve/CVE-2021-3620"
},
{
"category": "external",
"summary": "SUSE Bug 1187725 for CVE-2021-3620",
"url": "https://bugzilla.suse.com/1187725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-3620"
},
{
"cve": "CVE-2021-36222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-36222"
}
],
"notes": [
{
"category": "general",
"text": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-36222",
"url": "https://www.suse.com/security/cve/CVE-2021-36222"
},
{
"category": "external",
"summary": "SUSE Bug 1188571 for CVE-2021-36222",
"url": "https://bugzilla.suse.com/1188571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2021-36222"
},
{
"cve": "CVE-2021-3711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3711"
}
],
"notes": [
{
"category": "general",
"text": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3711",
"url": "https://www.suse.com/security/cve/CVE-2021-3711"
},
{
"category": "external",
"summary": "SUSE Bug 1189520 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1189520"
},
{
"category": "external",
"summary": "SUSE Bug 1190129 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1190129"
},
{
"category": "external",
"summary": "SUSE Bug 1192100 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1192100"
},
{
"category": "external",
"summary": "SUSE Bug 1205663 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1205663"
},
{
"category": "external",
"summary": "SUSE Bug 1225628 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1225628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "critical"
}
],
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-41174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41174"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim\u0027s browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(\u0027alert(1)\u0027)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41174",
"url": "https://www.suse.com/security/cve/CVE-2021-41174"
},
{
"category": "external",
"summary": "SUSE Bug 1192383 for CVE-2021-41174",
"url": "https://bugzilla.suse.com/1192383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-41174"
},
{
"cve": "CVE-2021-41244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41244"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users\u0027 roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users\u0027 roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41244",
"url": "https://www.suse.com/security/cve/CVE-2021-41244"
},
{
"category": "external",
"summary": "SUSE Bug 1192763 for CVE-2021-41244",
"url": "https://bugzilla.suse.com/1192763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "critical"
}
],
"title": "CVE-2021-41244"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2021-43798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43798"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `\u003cgrafana_host_url\u003e/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43798",
"url": "https://www.suse.com/security/cve/CVE-2021-43798"
},
{
"category": "external",
"summary": "SUSE Bug 1193492 for CVE-2021-43798",
"url": "https://bugzilla.suse.com/1193492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2021-43798"
},
{
"cve": "CVE-2021-43813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43813"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43813",
"url": "https://www.suse.com/security/cve/CVE-2021-43813"
},
{
"category": "external",
"summary": "SUSE Bug 1193686 for CVE-2021-43813",
"url": "https://bugzilla.suse.com/1193686"
},
{
"category": "external",
"summary": "SUSE Bug 1193688 for CVE-2021-43813",
"url": "https://bugzilla.suse.com/1193688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-43813"
},
{
"cve": "CVE-2021-43815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43815"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43815",
"url": "https://www.suse.com/security/cve/CVE-2021-43815"
},
{
"category": "external",
"summary": "SUSE Bug 1193686 for CVE-2021-43815",
"url": "https://bugzilla.suse.com/1193686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2021-43815"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-23552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23552"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren\u0027t properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23552",
"url": "https://www.suse.com/security/cve/CVE-2022-23552"
},
{
"category": "external",
"summary": "SUSE Bug 1207749 for CVE-2022-23552",
"url": "https://bugzilla.suse.com/1207749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-23552"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-29170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29170"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn\u0027t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29170",
"url": "https://www.suse.com/security/cve/CVE-2022-29170"
},
{
"category": "external",
"summary": "SUSE Bug 1199810 for CVE-2022-29170",
"url": "https://bugzilla.suse.com/1199810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-29170"
},
{
"cve": "CVE-2022-31097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31097"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31097",
"url": "https://www.suse.com/security/cve/CVE-2022-31097"
},
{
"category": "external",
"summary": "SUSE Bug 1201535 for CVE-2022-31097",
"url": "https://bugzilla.suse.com/1201535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-31097"
},
{
"cve": "CVE-2022-31107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31107"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user\u0027s external user id is not already associated with an account in Grafana, the malicious user\u0027s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user\u0027s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31107",
"url": "https://www.suse.com/security/cve/CVE-2022-31107"
},
{
"category": "external",
"summary": "SUSE Bug 1201539 for CVE-2022-31107",
"url": "https://bugzilla.suse.com/1201539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-31107"
},
{
"cve": "CVE-2022-31123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31123"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31123",
"url": "https://www.suse.com/security/cve/CVE-2022-31123"
},
{
"category": "external",
"summary": "SUSE Bug 1204302 for CVE-2022-31123",
"url": "https://bugzilla.suse.com/1204302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-31123"
},
{
"cve": "CVE-2022-31130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31130"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user\u0027s Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31130",
"url": "https://www.suse.com/security/cve/CVE-2022-31130"
},
{
"category": "external",
"summary": "SUSE Bug 1204305 for CVE-2022-31130",
"url": "https://bugzilla.suse.com/1204305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-31130"
},
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-35957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-35957"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-35957",
"url": "https://www.suse.com/security/cve/CVE-2022-35957"
},
{
"category": "external",
"summary": "SUSE Bug 1203597 for CVE-2022-35957",
"url": "https://bugzilla.suse.com/1203597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-35957"
},
{
"cve": "CVE-2022-36062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36062"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36062",
"url": "https://www.suse.com/security/cve/CVE-2022-36062"
},
{
"category": "external",
"summary": "SUSE Bug 1203596 for CVE-2022-36062",
"url": "https://bugzilla.suse.com/1203596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-36062"
},
{
"cve": "CVE-2022-39201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39201"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user\u0027s Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39201",
"url": "https://www.suse.com/security/cve/CVE-2022-39201"
},
{
"category": "external",
"summary": "SUSE Bug 1204303 for CVE-2022-39201",
"url": "https://bugzilla.suse.com/1204303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-39201"
},
{
"cve": "CVE-2022-39229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39229"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user\u0027s login attempt by registering someone else\u0027e email address as a username. A Grafana user\u0027s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`\u0027s email address. This prevents `user_1` logging into the application since `user_1`\u0027s password won\u0027t match with `user_2`\u0027s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39229",
"url": "https://www.suse.com/security/cve/CVE-2022-39229"
},
{
"category": "external",
"summary": "SUSE Bug 1204304 for CVE-2022-39229",
"url": "https://bugzilla.suse.com/1204304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "low"
}
],
"title": "CVE-2022-39229"
},
{
"cve": "CVE-2022-39306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39306"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39306",
"url": "https://www.suse.com/security/cve/CVE-2022-39306"
},
{
"category": "external",
"summary": "SUSE Bug 1205225 for CVE-2022-39306",
"url": "https://bugzilla.suse.com/1205225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-39306"
},
{
"cve": "CVE-2022-39307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39307"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a \"user not found\" message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39307",
"url": "https://www.suse.com/security/cve/CVE-2022-39307"
},
{
"category": "external",
"summary": "SUSE Bug 1205227 for CVE-2022-39307",
"url": "https://bugzilla.suse.com/1205227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-39307"
},
{
"cve": "CVE-2022-39324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39324"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u0027s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39324",
"url": "https://www.suse.com/security/cve/CVE-2022-39324"
},
{
"category": "external",
"summary": "SUSE Bug 1207750 for CVE-2022-39324",
"url": "https://bugzilla.suse.com/1207750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-39324"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-41723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41723"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41723",
"url": "https://www.suse.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "SUSE Bug 1208270 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "external",
"summary": "SUSE Bug 1215588 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1215588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-41723"
},
{
"cve": "CVE-2022-46146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46146"
}
],
"notes": [
{
"category": "general",
"text": "Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users\u0027 bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46146",
"url": "https://www.suse.com/security/cve/CVE-2022-46146"
},
{
"category": "external",
"summary": "SUSE Bug 1208046 for CVE-2022-46146",
"url": "https://bugzilla.suse.com/1208046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2022-46146"
},
{
"cve": "CVE-2023-0507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0507"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \n\nThe stored XSS vulnerability was possible due to map attributions weren\u0027t properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0507",
"url": "https://www.suse.com/security/cve/CVE-2023-0507"
},
{
"category": "external",
"summary": "SUSE Bug 1208821 for CVE-2023-0507",
"url": "https://bugzilla.suse.com/1208821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2023-0507"
},
{
"cve": "CVE-2023-0594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0594"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. \n\nThe stored XSS vulnerability was possible due the value of a span\u0027s attributes/resources were not properly sanitized and this will be rendered when the span\u0027s attributes/resources are expanded.\n\nAn attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0594",
"url": "https://www.suse.com/security/cve/CVE-2023-0594"
},
{
"category": "external",
"summary": "SUSE Bug 1208819 for CVE-2023-0594",
"url": "https://bugzilla.suse.com/1208819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2023-0594"
},
{
"cve": "CVE-2023-1387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1387"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1387",
"url": "https://www.suse.com/security/cve/CVE-2023-1387"
},
{
"category": "external",
"summary": "SUSE Bug 1210907 for CVE-2023-1387",
"url": "https://bugzilla.suse.com/1210907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2023-1387"
},
{
"cve": "CVE-2023-1410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1410"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1410",
"url": "https://www.suse.com/security/cve/CVE-2023-1410"
},
{
"category": "external",
"summary": "SUSE Bug 1209645 for CVE-2023-1410",
"url": "https://bugzilla.suse.com/1209645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2023-1410"
},
{
"cve": "CVE-2023-2183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2183"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2183",
"url": "https://www.suse.com/security/cve/CVE-2023-2183"
},
{
"category": "external",
"summary": "SUSE Bug 1212100 for CVE-2023-2183",
"url": "https://bugzilla.suse.com/1212100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "moderate"
}
],
"title": "CVE-2023-2183"
},
{
"cve": "CVE-2023-2801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2801"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it\u0027s also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2801",
"url": "https://www.suse.com/security/cve/CVE-2023-2801"
},
{
"category": "external",
"summary": "SUSE Bug 1212099 for CVE-2023-2801",
"url": "https://bugzilla.suse.com/1212099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "important"
}
],
"title": "CVE-2023-2801"
},
{
"cve": "CVE-2023-3128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3128"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3128",
"url": "https://www.suse.com/security/cve/CVE-2023-3128"
},
{
"category": "external",
"summary": "SUSE Bug 1212641 for CVE-2023-3128",
"url": "https://bugzilla.suse.com/1212641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x",
"SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64",
"SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x",
"SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch",
"SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:20:05Z",
"details": "critical"
}
],
"title": "CVE-2023-3128"
}
]
}
SUSE-SU-2022:0570-1
Vulnerability from csaf_suse - Published: 2022-02-24 09:35 - Updated: 2022-02-24 09:35Summary
Security update for nodejs10
Notes
Title of the patch
Security update for nodejs10
Description of the patch
This update for nodejs10 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
- CVE-2022-21824: Fixed prototype pollution via console.table (bsc#1194514).
Patchnames
SUSE-2022-570,SUSE-SLE-Module-Web-Scripting-12-2022-570
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs10",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs10 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). \n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). \n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). \n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n- CVE-2022-21824: Fixed prototype pollution via console.table (bsc#1194514).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-570,SUSE-SLE-Module-Web-Scripting-12-2022-570",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0570-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0570-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220570-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0570-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010306.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1194514",
"url": "https://bugzilla.suse.com/1194514"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21824 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21824/"
}
],
"title": "Security update for nodejs10",
"tracking": {
"current_release_date": "2022-02-24T09:35:40Z",
"generator": {
"date": "2022-02-24T09:35:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0570-1",
"initial_release_date": "2022-02-24T09:35:40Z",
"revision_history": [
{
"date": "2022-02-24T09:35:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-1.46.1.aarch64",
"product": {
"name": "nodejs10-10.24.1-1.46.1.aarch64",
"product_id": "nodejs10-10.24.1-1.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-1.46.1.aarch64",
"product": {
"name": "nodejs10-devel-10.24.1-1.46.1.aarch64",
"product_id": "nodejs10-devel-10.24.1-1.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-1.46.1.aarch64",
"product": {
"name": "npm10-10.24.1-1.46.1.aarch64",
"product_id": "npm10-10.24.1-1.46.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-1.46.1.i586",
"product": {
"name": "nodejs10-10.24.1-1.46.1.i586",
"product_id": "nodejs10-10.24.1-1.46.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-1.46.1.i586",
"product": {
"name": "nodejs10-devel-10.24.1-1.46.1.i586",
"product_id": "nodejs10-devel-10.24.1-1.46.1.i586"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-1.46.1.i586",
"product": {
"name": "npm10-10.24.1-1.46.1.i586",
"product_id": "npm10-10.24.1-1.46.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-docs-10.24.1-1.46.1.noarch",
"product": {
"name": "nodejs10-docs-10.24.1-1.46.1.noarch",
"product_id": "nodejs10-docs-10.24.1-1.46.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-1.46.1.ppc64le",
"product": {
"name": "nodejs10-10.24.1-1.46.1.ppc64le",
"product_id": "nodejs10-10.24.1-1.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-1.46.1.ppc64le",
"product": {
"name": "nodejs10-devel-10.24.1-1.46.1.ppc64le",
"product_id": "nodejs10-devel-10.24.1-1.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-1.46.1.ppc64le",
"product": {
"name": "npm10-10.24.1-1.46.1.ppc64le",
"product_id": "npm10-10.24.1-1.46.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-1.46.1.s390",
"product": {
"name": "nodejs10-10.24.1-1.46.1.s390",
"product_id": "nodejs10-10.24.1-1.46.1.s390"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-1.46.1.s390",
"product": {
"name": "nodejs10-devel-10.24.1-1.46.1.s390",
"product_id": "nodejs10-devel-10.24.1-1.46.1.s390"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-1.46.1.s390",
"product": {
"name": "npm10-10.24.1-1.46.1.s390",
"product_id": "npm10-10.24.1-1.46.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-1.46.1.s390x",
"product": {
"name": "nodejs10-10.24.1-1.46.1.s390x",
"product_id": "nodejs10-10.24.1-1.46.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-1.46.1.s390x",
"product": {
"name": "nodejs10-devel-10.24.1-1.46.1.s390x",
"product_id": "nodejs10-devel-10.24.1-1.46.1.s390x"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-1.46.1.s390x",
"product": {
"name": "npm10-10.24.1-1.46.1.s390x",
"product_id": "npm10-10.24.1-1.46.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-1.46.1.x86_64",
"product": {
"name": "nodejs10-10.24.1-1.46.1.x86_64",
"product_id": "nodejs10-10.24.1-1.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-1.46.1.x86_64",
"product": {
"name": "nodejs10-devel-10.24.1-1.46.1.x86_64",
"product_id": "nodejs10-devel-10.24.1-1.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-1.46.1.x86_64",
"product": {
"name": "npm10-10.24.1-1.46.1.x86_64",
"product_id": "npm10-10.24.1-1.46.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-1.46.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-1.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-1.46.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-1.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-1.46.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x"
},
"product_reference": "nodejs10-10.24.1-1.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-1.46.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-1.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-1.46.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-1.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-1.46.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-1.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-1.46.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-1.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-1.46.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-1.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-1.46.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-1.46.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-1.46.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64"
},
"product_reference": "npm10-10.24.1-1.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-1.46.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le"
},
"product_reference": "npm10-10.24.1-1.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-1.46.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x"
},
"product_reference": "npm10-10.24.1-1.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-1.46.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
},
"product_reference": "npm10-10.24.1-1.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:40Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:40Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:40Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:40Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2022-21824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21824"
}
],
"notes": [
{
"category": "general",
"text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21824",
"url": "https://www.suse.com/security/cve/CVE-2022-21824"
},
{
"category": "external",
"summary": "SUSE Bug 1194514 for CVE-2022-21824",
"url": "https://bugzilla.suse.com/1194514"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2022-21824",
"url": "https://bugzilla.suse.com/1202688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-devel-10.24.1-1.46.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs10-docs-10.24.1-1.46.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm10-10.24.1-1.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T09:35:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-21824"
}
]
}
SUSE-SU-2022:1717-1
Vulnerability from csaf_suse - Published: 2022-05-17 15:43 - Updated: 2022-05-17 15:43Summary
Security update for nodejs10
Notes
Title of the patch
Security update for nodejs10
Description of the patch
This update for nodejs10 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
- CVE-2022-21824: Fixed prototype pollution via console.table (bsc#1194514).
- CVE-2021-44906: Fixed prototype pollution in npm dependency (bsc#1198247).
- CVE-2021-44907: Fixed insuficient sanitation in npm dependency (bsc#1197283).
- CVE-2022-0235: Fixed passing of cookie data and sensitive headers to different hostnames in node-fetch-npm (bsc#1194819).
Patchnames
SUSE-2022-1717,SUSE-SLE-Product-HPC-15-2022-1717,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1717,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1717,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1717,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1717,SUSE-SLE-Product-SLES-15-2022-1717,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1717,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1717,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1717,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1717,SUSE-SLE-Product-SLES_SAP-15-2022-1717,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1717,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1717,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1717,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1717,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1717,SUSE-Storage-6-2022-1717,SUSE-Storage-7-2022-1717,openSUSE-SLE-15.3-2022-1717,openSUSE-SLE-15.4-2022-1717
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs10",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs10 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n- CVE-2022-21824: Fixed prototype pollution via console.table (bsc#1194514).\n- CVE-2021-44906: Fixed prototype pollution in npm dependency (bsc#1198247).\n- CVE-2021-44907: Fixed insuficient sanitation in npm dependency (bsc#1197283).\n- CVE-2022-0235: Fixed passing of cookie data and sensitive headers to different hostnames in node-fetch-npm (bsc#1194819).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1717,SUSE-SLE-Product-HPC-15-2022-1717,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1717,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1717,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1717,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1717,SUSE-SLE-Product-SLES-15-2022-1717,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1717,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1717,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1717,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1717,SUSE-SLE-Product-SLES_SAP-15-2022-1717,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1717,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1717,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1717,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1717,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1717,SUSE-Storage-6-2022-1717,SUSE-Storage-7-2022-1717,openSUSE-SLE-15.3-2022-1717,openSUSE-SLE-15.4-2022-1717",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1717-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1717-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221717-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1717-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011058.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1194514",
"url": "https://bugzilla.suse.com/1194514"
},
{
"category": "self",
"summary": "SUSE Bug 1194819",
"url": "https://bugzilla.suse.com/1194819"
},
{
"category": "self",
"summary": "SUSE Bug 1197283",
"url": "https://bugzilla.suse.com/1197283"
},
{
"category": "self",
"summary": "SUSE Bug 1198247",
"url": "https://bugzilla.suse.com/1198247"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44906 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44907 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0235 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21824 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21824/"
}
],
"title": "Security update for nodejs10",
"tracking": {
"current_release_date": "2022-05-17T15:43:16Z",
"generator": {
"date": "2022-05-17T15:43:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1717-1",
"initial_release_date": "2022-05-17T15:43:16Z",
"revision_history": [
{
"date": "2022-05-17T15:43:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"product": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"product_id": "nodejs10-10.24.1-150000.1.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"product": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"product_id": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-150000.1.44.1.aarch64",
"product": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64",
"product_id": "npm10-10.24.1-150000.1.44.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-150000.1.44.1.i586",
"product": {
"name": "nodejs10-10.24.1-150000.1.44.1.i586",
"product_id": "nodejs10-10.24.1-150000.1.44.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-150000.1.44.1.i586",
"product": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.i586",
"product_id": "nodejs10-devel-10.24.1-150000.1.44.1.i586"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-150000.1.44.1.i586",
"product": {
"name": "npm10-10.24.1-150000.1.44.1.i586",
"product_id": "npm10-10.24.1-150000.1.44.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"product": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"product_id": "nodejs10-docs-10.24.1-150000.1.44.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"product": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"product_id": "nodejs10-10.24.1-150000.1.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"product": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"product_id": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-150000.1.44.1.ppc64le",
"product": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le",
"product_id": "npm10-10.24.1-150000.1.44.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-150000.1.44.1.s390x",
"product": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x",
"product_id": "nodejs10-10.24.1-150000.1.44.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"product": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"product_id": "nodejs10-devel-10.24.1-150000.1.44.1.s390x"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-150000.1.44.1.s390x",
"product": {
"name": "npm10-10.24.1-150000.1.44.1.s390x",
"product_id": "npm10-10.24.1-150000.1.44.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"product": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"product_id": "nodejs10-10.24.1-150000.1.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"product": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"product_id": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm10-10.24.1-150000.1.44.1.x86_64",
"product": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64",
"product_id": "npm10-10.24.1-150000.1.44.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-10.24.1-150000.1.44.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs10-docs-10.24.1-150000.1.44.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch"
},
"product_reference": "nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm10-10.24.1-150000.1.44.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
},
"product_reference": "npm10-10.24.1-150000.1.44.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-44906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44906"
}
],
"notes": [
{
"category": "general",
"text": "Minimist \u003c=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44906",
"url": "https://www.suse.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "SUSE Bug 1198247 for CVE-2021-44906",
"url": "https://bugzilla.suse.com/1198247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2021-44907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44907"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44907",
"url": "https://www.suse.com/security/cve/CVE-2021-44907"
},
{
"category": "external",
"summary": "SUSE Bug 1197283 for CVE-2021-44907",
"url": "https://bugzilla.suse.com/1197283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "low"
}
],
"title": "CVE-2021-44907"
},
{
"cve": "CVE-2022-0235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0235"
}
],
"notes": [
{
"category": "general",
"text": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0235",
"url": "https://www.suse.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "SUSE Bug 1194819 for CVE-2022-0235",
"url": "https://bugzilla.suse.com/1194819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-0235"
},
{
"cve": "CVE-2022-21824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21824"
}
],
"notes": [
{
"category": "general",
"text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21824",
"url": "https://www.suse.com/security/cve/CVE-2022-21824"
},
{
"category": "external",
"summary": "SUSE Bug 1194514 for CVE-2022-21824",
"url": "https://bugzilla.suse.com/1194514"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2022-21824",
"url": "https://bugzilla.suse.com/1202688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 6:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 6:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Enterprise Storage 7:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Enterprise Storage 7:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Proxy 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"SUSE Manager Server 4.1:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.ppc64le",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.s390x",
"SUSE Manager Server 4.1:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.3:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.3:npm10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:nodejs10-devel-10.24.1-150000.1.44.1.x86_64",
"openSUSE Leap 15.4:nodejs10-docs-10.24.1-150000.1.44.1.noarch",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.aarch64",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.ppc64le",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.s390x",
"openSUSE Leap 15.4:npm10-10.24.1-150000.1.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-05-17T15:43:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-21824"
}
]
}
SUSE-SU-2022:0715-1
Vulnerability from csaf_suse - Published: 2022-03-04 08:38 - Updated: 2022-03-04 08:38Summary
Security update for nodejs14
Notes
Title of the patch
Security update for nodejs14
Description of the patch
This update for nodejs14 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
SUSE-2022-715,SUSE-SLE-Module-Web-Scripting-15-SP3-2022-715,SUSE-SLE-Module-Web-Scripting-15-SP4-2022-715,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-715,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-715,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-715,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-715,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-715,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-715,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-715,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-715,SUSE-Storage-7-2022-715
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs14",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs14 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-715,SUSE-SLE-Module-Web-Scripting-15-SP3-2022-715,SUSE-SLE-Module-Web-Scripting-15-SP4-2022-715,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-715,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-715,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-715,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-715,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-715,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-715,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-715,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-715,SUSE-Storage-7-2022-715",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0715-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0715-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220715-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0715-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010355.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs14",
"tracking": {
"current_release_date": "2022-03-04T08:38:26Z",
"generator": {
"date": "2022-03-04T08:38:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0715-1",
"initial_release_date": "2022-03-04T08:38:26Z",
"revision_history": [
{
"date": "2022-03-04T08:38:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-15.27.1.aarch64",
"product": {
"name": "corepack14-14.19.0-15.27.1.aarch64",
"product_id": "corepack14-14.19.0-15.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.aarch64",
"product": {
"name": "nodejs14-14.19.0-15.27.1.aarch64",
"product_id": "nodejs14-14.19.0-15.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"product_id": "nodejs14-devel-14.19.0-15.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.aarch64",
"product": {
"name": "npm14-14.19.0-15.27.1.aarch64",
"product_id": "npm14-14.19.0-15.27.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-15.27.1.i586",
"product": {
"name": "corepack14-14.19.0-15.27.1.i586",
"product_id": "corepack14-14.19.0-15.27.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.i586",
"product": {
"name": "nodejs14-14.19.0-15.27.1.i586",
"product_id": "nodejs14-14.19.0-15.27.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.i586",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.i586",
"product_id": "nodejs14-devel-14.19.0-15.27.1.i586"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.i586",
"product": {
"name": "npm14-14.19.0-15.27.1.i586",
"product_id": "npm14-14.19.0-15.27.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-docs-14.19.0-15.27.1.noarch",
"product": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch",
"product_id": "nodejs14-docs-14.19.0-15.27.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-15.27.1.ppc64le",
"product": {
"name": "corepack14-14.19.0-15.27.1.ppc64le",
"product_id": "corepack14-14.19.0-15.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.ppc64le",
"product": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le",
"product_id": "nodejs14-14.19.0-15.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"product_id": "nodejs14-devel-14.19.0-15.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.ppc64le",
"product": {
"name": "npm14-14.19.0-15.27.1.ppc64le",
"product_id": "npm14-14.19.0-15.27.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-15.27.1.s390x",
"product": {
"name": "corepack14-14.19.0-15.27.1.s390x",
"product_id": "corepack14-14.19.0-15.27.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.s390x",
"product": {
"name": "nodejs14-14.19.0-15.27.1.s390x",
"product_id": "nodejs14-14.19.0-15.27.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.s390x",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.s390x",
"product_id": "nodejs14-devel-14.19.0-15.27.1.s390x"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.s390x",
"product": {
"name": "npm14-14.19.0-15.27.1.s390x",
"product_id": "npm14-14.19.0-15.27.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "corepack14-14.19.0-15.27.1.x86_64",
"product": {
"name": "corepack14-14.19.0-15.27.1.x86_64",
"product_id": "corepack14-14.19.0-15.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.x86_64",
"product": {
"name": "nodejs14-14.19.0-15.27.1.x86_64",
"product_id": "nodejs14-14.19.0-15.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"product_id": "nodejs14-devel-14.19.0-15.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.x86_64",
"product": {
"name": "npm14-14.19.0-15.27.1.x86_64",
"product_id": "npm14-14.19.0-15.27.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64"
},
"product_reference": "npm14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "npm14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x"
},
"product_reference": "npm14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64"
},
"product_reference": "npm14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64"
},
"product_reference": "npm14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64"
},
"product_reference": "npm14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "npm14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x"
},
"product_reference": "npm14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "npm14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "npm14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x"
},
"product_reference": "npm14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64"
},
"product_reference": "npm14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:38:26Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:38:26Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:38:26Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:38:26Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Enterprise Storage 7:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.aarch64",
"SUSE Enterprise Storage 7:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Proxy 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Proxy 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Retail Branch Server 4.1:npm14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:nodejs14-devel-14.19.0-15.27.1.x86_64",
"SUSE Manager Server 4.1:nodejs14-docs-14.19.0-15.27.1.noarch",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.ppc64le",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.s390x",
"SUSE Manager Server 4.1:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:38:26Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
SUSE-SU-2022:0563-1
Vulnerability from csaf_suse - Published: 2022-02-24 07:38 - Updated: 2022-02-24 07:38Summary
Security update for nodejs8
Notes
Title of the patch
Security update for nodejs8
Description of the patch
This update for nodejs8 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
SUSE-2022-563,SUSE-SLE-Product-HPC-15-2022-563,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-563,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-563,SUSE-SLE-Product-SLES-15-2022-563,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-563,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-563,SUSE-SLE-Product-SLES_SAP-15-2022-563,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-563,SUSE-Storage-6-2022-563
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs8 fixes the following issues:\n\t \n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-563,SUSE-SLE-Product-HPC-15-2022-563,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-563,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-563,SUSE-SLE-Product-SLES-15-2022-563,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-563,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-563,SUSE-SLE-Product-SLES_SAP-15-2022-563,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-563,SUSE-Storage-6-2022-563",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0563-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0563-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220563-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0563-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010304.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs8",
"tracking": {
"current_release_date": "2022-02-24T07:38:40Z",
"generator": {
"date": "2022-02-24T07:38:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0563-1",
"initial_release_date": "2022-02-24T07:38:40Z",
"revision_history": [
{
"date": "2022-02-24T07:38:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.54.2.aarch64",
"product": {
"name": "nodejs8-8.17.0-3.54.2.aarch64",
"product_id": "nodejs8-8.17.0-3.54.2.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"product": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"product_id": "nodejs8-devel-8.17.0-3.54.2.aarch64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.54.2.aarch64",
"product": {
"name": "npm8-8.17.0-3.54.2.aarch64",
"product_id": "npm8-8.17.0-3.54.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.54.2.i586",
"product": {
"name": "nodejs8-8.17.0-3.54.2.i586",
"product_id": "nodejs8-8.17.0-3.54.2.i586"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.54.2.i586",
"product": {
"name": "nodejs8-devel-8.17.0-3.54.2.i586",
"product_id": "nodejs8-devel-8.17.0-3.54.2.i586"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.54.2.i586",
"product": {
"name": "npm8-8.17.0-3.54.2.i586",
"product_id": "npm8-8.17.0-3.54.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-docs-8.17.0-3.54.2.noarch",
"product": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch",
"product_id": "nodejs8-docs-8.17.0-3.54.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.54.2.ppc64le",
"product": {
"name": "nodejs8-8.17.0-3.54.2.ppc64le",
"product_id": "nodejs8-8.17.0-3.54.2.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.54.2.ppc64le",
"product": {
"name": "nodejs8-devel-8.17.0-3.54.2.ppc64le",
"product_id": "nodejs8-devel-8.17.0-3.54.2.ppc64le"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.54.2.ppc64le",
"product": {
"name": "npm8-8.17.0-3.54.2.ppc64le",
"product_id": "npm8-8.17.0-3.54.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.54.2.s390x",
"product": {
"name": "nodejs8-8.17.0-3.54.2.s390x",
"product_id": "nodejs8-8.17.0-3.54.2.s390x"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.54.2.s390x",
"product": {
"name": "nodejs8-devel-8.17.0-3.54.2.s390x",
"product_id": "nodejs8-devel-8.17.0-3.54.2.s390x"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.54.2.s390x",
"product": {
"name": "npm8-8.17.0-3.54.2.s390x",
"product_id": "npm8-8.17.0-3.54.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.54.2.x86_64",
"product": {
"name": "nodejs8-8.17.0-3.54.2.x86_64",
"product_id": "nodejs8-8.17.0-3.54.2.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"product": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"product_id": "nodejs8-devel-8.17.0-3.54.2.x86_64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.54.2.x86_64",
"product": {
"name": "npm8-8.17.0-3.54.2.x86_64",
"product_id": "npm8-8.17.0-3.54.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x"
},
"product_reference": "nodejs8-8.17.0-3.54.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x"
},
"product_reference": "npm8-8.17.0-3.54.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x"
},
"product_reference": "nodejs8-8.17.0-3.54.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x"
},
"product_reference": "npm8-8.17.0-3.54.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.54.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.54.2.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.54.2.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.54.2.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.54.2.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.54.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.54.2.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.54.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T07:38:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T07:38:40Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T07:38:40Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T07:38:40Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.54.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.54.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.54.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-24T07:38:40Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
SUSE-SU-2023:2575-1
Vulnerability from csaf_suse - Published: 2023-06-21 11:42 - Updated: 2023-06-21 11:42Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
grafana:
- Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):
* Security fixes:
- CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)
- CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests
(bnc#1210907)
- CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)
- CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)
- CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)
- CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)
- CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)
- CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)
- CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
- CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)
- CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes
('Prototype Pollution') (bsc#1192696)
- CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)
- CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function
* Important changes:
- Default named retention policies won't be used to query.
Users who have a default named retention policy in their influxdb database, have to rename it to something else.
To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy
from dropdown and save the panel/dashboard.
- Grafana Alerting rules with NoDataState configuration set to Alerting will now respect 'For' duration.
- Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role
manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes
to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it
will default to false.
- The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version
as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all
InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior.
In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4
and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:
Remove the affected panel and re-create it or edit the `time` field as `Time` in `panel.json`
or `dashboard.json`
- The `@grafana/ui` package helper function `selectOptionInTest` used in frontend tests has been removed as it
caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function
in your tests please update your code accordingly.
- Removed deprecated `checkHealth` prop from the `@grafana/e2e` `addDataSource` configuration. Previously this
value defaulted to `false`, and has not been used in end-to-end tests since Grafana 8.0.3.
- Removed the deprecated `LegacyBaseMap`, `LegacyValueMapping`, `LegacyValueMap`, and `LegacyRangeMap` types, and
`getMappedValue` function from grafana-data. See the documentation for the migration.
This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the
database, or error in querying the database would cause all alert rules to be unscheduled in Grafana.
Following this change scheduled alert rules are not updated unless the query is successful.
- The `get_alert_rules_duration_seconds` metric has been renamed to `schedule_query_alert_rules_duration_seconds`
- Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0
won't be decryptable from any previous version (by default) because the way encrypted secrets are stored into the
database has changed. Although secrets created or modified with previous versions will still be decryptable by
Grafana v9.0.
- If required, although generally discouraged, the `disableEnvelopeEncryption` feature toggle can be enabled to
keep envelope encryption disabled once updating to Grafana
- In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being
created or modified any secret with Grafana v9.0, the `envelopeEncryption` feature toggle will need to be enabled
to keep backwards compatibility (only from `v8.3.x` a bit unstable, from `8.5.x` stable).
- As a final attempt to deal with issues related with the aforementioned situations, the
`grafana-cli admin secrets-migration rollback` command has been designed to move back all the Grafana secrets
encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to
disable envelope encryption and/or roll back to a previous version of Grafana.
Alternatively or complementarily to all the points above, backing up the Grafana database before updating could
be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those
updates/created with after updating to Grafana v9.0).
- In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode
please switch to server access mode on the datasource configuration page.
- Environment variables passed from Grafana to external Azure plugins have been renamed:
`AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`,
`AZURE_MANAGED_IDENTITY_ENABLED` renamed to `GFAZPL_MANAGED_IDENTITY_ENABLED`,
`AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`.
There are no known plugins which were relying on these variables. Moving forward plugins should read Azure
settings only via Grafana Azure SDK which properly handles old and new environment variables.
- Removes support for for ElasticSearch versions after their end-of-life, currently versions < 7.10.0.
To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.
- Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally
removed in 9.0. Deprecated queries will no longer be executed.
- grafana/ui: Button now specifies a default type='button'.
The `Button` component provided by @grafana/ui now specifies a default `type='button'` when no type is provided.
In previous versions, if the attribute was not specified for buttons associated with a `<form>` the
default value was `submit` per the specification. You can preserve the old behavior by explicitly setting the
type attribute: `<Button type='submit' />`
- The `Rename by regex` transformation has been improved to allow global patterns of the form
`/<stringToReplace>/g`.
Depending on the regex match used, this may cause some transformations to behave slightly differently. You can
guarantee the same behaviour as before by wrapping the `match` string in forward slashes (`/`), e.g. `(.*)` would
become `/(.*)/`
- `<Select />` menus will now portal to the document body by default. This is to give more consistent
behaviour when positioning and overlaying. If you were setting`menuShouldPortal={true}` before you can safely
remove that prop and behaviour will be the same. If you weren't explicitly setting that prop, there should be no
visible changes in behaviour but your tests may need updating. If you were setting `menuShouldPortal={false}`
this will continue to prevent the menu from portalling.
- Grafana alerting endpoint prefixed with `api/v1/rule/test` that tests a rule against a Corte/Loki data source now
expects the data source UID as a path parameter instead of the data source numeric identifier.
- Grafana alerting endpoints prefixed with `api/prometheus/` that proxy requests to a Cortex/Loki data source now
expect the data source UID as a path parameter instead of the data source numeric identifier.
- Grafana alerting endpoints prefixed with `api/ruler/` that proxy requests to a Cortex/Loki data source now expect
the data source UID as a path parameter instead of the data
- Grafana alerting endpoints prefixed with `api/alertmanager/` that proxy requests to an Alertmanager now expect
the data source UID as a path parameter instead of the data source numeric identifier.
- The format of log messages have been updated, `lvl` is now `level` and `eror`and `dbug` has been replaced with
`error` and `debug`. The precision of timestamps has been increased.
To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle
`oldlog`.
This option will be removed in a future minor release.
- In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more
efficient format. The query-result is represented by a single dataframe with a 'labels' column, instead of the
separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the
dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or
Transforms were used, adjustments may be necessary. For example, if you used the 'labels to fields'
transformation with the logs data, please switch to the 'extract fields' transformation.
* Deprecations:
- The `grafana_database_conn_*` metrics are deprecated, and will be removed in a future version of Grafana. Use
the `go_sql_stats_*` metrics instead.
- Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when
navigating to Explore using the deprecated format the URLs are automatically converted. If you have
existing links pointing to Explore update them using the format generated by Explore upon navigation.
You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as
an array of strings, for example `&left=['now-1h','now'...]`. The standard explore URLs follow a key/value
pattern, for example `&left={'datasource':'test'...}`. Please be sure to check your dashboards for any
hardcoded links to Explore and update them to the standard URL pattern.
- Chore: Remove deprecated DataSourceAPI methods.
- Data: Remove deprecated types and functions from valueMappings.
- Elasticsearch: Remove browser access mode.
- Elasticsearch: Remove support for versions after their end of the life (<7.10.0).
- Explore: Remove support for legacy, compact format URLs.
- Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.
- `setExploreQueryField`, `setExploreMetricsQueryField` and `setExploreLogsQueryField` are now deprecated and will
be removed in a future release. If you need to set a different query editor for Explore, conditionally render
based on `props.app` in your regular query editor.
* Changes:
- User: Fix externalUserId not being populated.
If you used any of these components please use them from grafana/experimental from now on:
- AccessoryButton
- EditorFieldGroup
- EditorHeader
- EditorField
- EditorRow
- EditorList
- EditorRows
- EditorSwitch
- FlexItem
- Stack
- InlineSelect
- InputGroup
- Space
- Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by
setting the `useLegacyHeatmapPanel` feature flag to true. It can be tested on a single dashbobard by adding
`?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.
- Logger: Enable new logging format by default.
- Loki: Enable new visual query builder by default.
- Plugins: Remove plugin list panel.
- Install wrapper scripts under /usr/sbin
- Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink
for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)
- Chore: Upgrade typescript to 4.6.4.
Patchnames
SUSE-2023-2575,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-2575,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-2575,openSUSE-SLE-15.4-2023-2575,openSUSE-SLE-15.5-2023-2575
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngrafana:\n\n- Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):\n * Security fixes:\n - CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)\n - CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests\n (bnc#1210907)\n - CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)\n - CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)\n - CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)\n - CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)\n - CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)\n - CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)\n - CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor\n - CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)\n - CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes\n (\u0027Prototype Pollution\u0027) (bsc#1192696)\n - CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)\n - CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function \n * Important changes:\n - Default named retention policies won\u0027t be used to query.\n Users who have a default named retention policy in their influxdb database, have to rename it to something else.\n To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy\n from dropdown and save the panel/dashboard.\n - Grafana Alerting rules with NoDataState configuration set to Alerting will now respect \u0027For\u0027 duration.\n - Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role\n manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes\n to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it\n will default to false.\n - The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version\n as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all\n InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior. \n In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4\n and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:\n Remove the affected panel and re-create it or edit the `time` field as `Time` in `panel.json` \n or `dashboard.json`\n - The `@grafana/ui` package helper function `selectOptionInTest` used in frontend tests has been removed as it\n caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function\n in your tests please update your code accordingly.\n - Removed deprecated `checkHealth` prop from the `@grafana/e2e` `addDataSource` configuration. Previously this\n value defaulted to `false`, and has not been used in end-to-end tests since Grafana 8.0.3.\n - Removed the deprecated `LegacyBaseMap`, `LegacyValueMapping`, `LegacyValueMap`, and `LegacyRangeMap` types, and\n `getMappedValue` function from grafana-data. See the documentation for the migration.\n This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the\n database, or error in querying the database would cause all alert rules to be unscheduled in Grafana. \n Following this change scheduled alert rules are not updated unless the query is successful.\n - The `get_alert_rules_duration_seconds` metric has been renamed to `schedule_query_alert_rules_duration_seconds`\n - Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0\n won\u0027t be decryptable from any previous version (by default) because the way encrypted secrets are stored into the\n database has changed. Although secrets created or modified with previous versions will still be decryptable by\n Grafana v9.0.\n - If required, although generally discouraged, the `disableEnvelopeEncryption` feature toggle can be enabled to\n keep envelope encryption disabled once updating to Grafana\n - In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being\n created or modified any secret with Grafana v9.0, the `envelopeEncryption` feature toggle will need to be enabled\n to keep backwards compatibility (only from `v8.3.x` a bit unstable, from `8.5.x` stable).\n - As a final attempt to deal with issues related with the aforementioned situations, the \n `grafana-cli admin secrets-migration rollback` command has been designed to move back all the Grafana secrets\n encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to\n disable envelope encryption and/or roll back to a previous version of Grafana.\n Alternatively or complementarily to all the points above, backing up the Grafana database before updating could\n be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those \n updates/created with after updating to Grafana v9.0).\n - In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode\n please switch to server access mode on the datasource configuration page.\n - Environment variables passed from Grafana to external Azure plugins have been renamed:\n `AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`,\n `AZURE_MANAGED_IDENTITY_ENABLED` renamed to `GFAZPL_MANAGED_IDENTITY_ENABLED`,\n `AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`.\n There are no known plugins which were relying on these variables. Moving forward plugins should read Azure\n settings only via Grafana Azure SDK which properly handles old and new environment variables.\n - Removes support for for ElasticSearch versions after their end-of-life, currently versions \u003c 7.10.0.\n To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.\n - Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally\n removed in 9.0. Deprecated queries will no longer be executed.\n - grafana/ui: Button now specifies a default type=\u0027button\u0027.\n The `Button` component provided by @grafana/ui now specifies a default `type=\u0027button\u0027` when no type is provided.\n In previous versions, if the attribute was not specified for buttons associated with a `\u003cform\u003e` the\n default value was `submit` per the specification. You can preserve the old behavior by explicitly setting the\n type attribute: `\u003cButton type=\u0027submit\u0027 /\u003e`\n - The `Rename by regex` transformation has been improved to allow global patterns of the form \n `/\u003cstringToReplace\u003e/g`.\n Depending on the regex match used, this may cause some transformations to behave slightly differently. You can\n guarantee the same behaviour as before by wrapping the `match` string in forward slashes (`/`), e.g. `(.*)` would\n become `/(.*)/`\n - `\u003cSelect /\u003e` menus will now portal to the document body by default. This is to give more consistent\n behaviour when positioning and overlaying. If you were setting`menuShouldPortal={true}` before you can safely \n remove that prop and behaviour will be the same. If you weren\u0027t explicitly setting that prop, there should be no\n visible changes in behaviour but your tests may need updating. If you were setting `menuShouldPortal={false}`\n this will continue to prevent the menu from portalling.\n - Grafana alerting endpoint prefixed with `api/v1/rule/test` that tests a rule against a Corte/Loki data source now\n expects the data source UID as a path parameter instead of the data source numeric identifier.\n - Grafana alerting endpoints prefixed with `api/prometheus/` that proxy requests to a Cortex/Loki data source now\n expect the data source UID as a path parameter instead of the data source numeric identifier.\n - Grafana alerting endpoints prefixed with `api/ruler/` that proxy requests to a Cortex/Loki data source now expect\n the data source UID as a path parameter instead of the data\n - Grafana alerting endpoints prefixed with `api/alertmanager/` that proxy requests to an Alertmanager now expect\n the data source UID as a path parameter instead of the data source numeric identifier.\n - The format of log messages have been updated, `lvl` is now `level` and `eror`and `dbug` has been replaced with\n `error` and `debug`. The precision of timestamps has been increased.\n To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle\n `oldlog`.\n This option will be removed in a future minor release.\n - In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more\n efficient format. The query-result is represented by a single dataframe with a \u0027labels\u0027 column, instead of the\n separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the\n dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or\n Transforms were used, adjustments may be necessary. For example, if you used the \u0027labels to fields\u0027 \n transformation with the logs data, please switch to the \u0027extract fields\u0027 transformation.\n * Deprecations:\n - The `grafana_database_conn_*` metrics are deprecated, and will be removed in a future version of Grafana. Use \n the `go_sql_stats_*` metrics instead.\n - Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when\n navigating to Explore using the deprecated format the URLs are automatically converted. If you have\n existing links pointing to Explore update them using the format generated by Explore upon navigation.\n You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as\n an array of strings, for example `\u0026left=[\u0027now-1h\u0027,\u0027now\u0027...]`. The standard explore URLs follow a key/value\n pattern, for example `\u0026left={\u0027datasource\u0027:\u0027test\u0027...}`. Please be sure to check your dashboards for any\n hardcoded links to Explore and update them to the standard URL pattern.\n - Chore: Remove deprecated DataSourceAPI methods.\n - Data: Remove deprecated types and functions from valueMappings.\n - Elasticsearch: Remove browser access mode.\n - Elasticsearch: Remove support for versions after their end of the life (\u003c7.10.0).\n - Explore: Remove support for legacy, compact format URLs.\n - Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.\n - `setExploreQueryField`, `setExploreMetricsQueryField` and `setExploreLogsQueryField` are now deprecated and will\n be removed in a future release. If you need to set a different query editor for Explore, conditionally render\n based on `props.app` in your regular query editor.\n * Changes:\n - User: Fix externalUserId not being populated.\n If you used any of these components please use them from grafana/experimental from now on:\n - AccessoryButton\n - EditorFieldGroup\n - EditorHeader\n - EditorField\n - EditorRow\n - EditorList\n - EditorRows\n - EditorSwitch\n - FlexItem\n - Stack\n - InlineSelect\n - InputGroup\n - Space\n - Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by\n setting the `useLegacyHeatmapPanel` feature flag to true. It can be tested on a single dashbobard by adding\n `?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.\n - Logger: Enable new logging format by default.\n - Loki: Enable new visual query builder by default.\n - Plugins: Remove plugin list panel.\n - Install wrapper scripts under /usr/sbin\n - Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink \n for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)\n - Chore: Upgrade typescript to 4.6.4.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2575,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-2575,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-2575,openSUSE-SLE-15.4-2023-2575,openSUSE-SLE-15.5-2023-2575",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2575-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2575-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232575-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2575-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029953.html"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1201535",
"url": "https://bugzilla.suse.com/1201535"
},
{
"category": "self",
"summary": "SUSE Bug 1201539",
"url": "https://bugzilla.suse.com/1201539"
},
{
"category": "self",
"summary": "SUSE Bug 1203185",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "self",
"summary": "SUSE Bug 1203596",
"url": "https://bugzilla.suse.com/1203596"
},
{
"category": "self",
"summary": "SUSE Bug 1203597",
"url": "https://bugzilla.suse.com/1203597"
},
{
"category": "self",
"summary": "SUSE Bug 1204501",
"url": "https://bugzilla.suse.com/1204501"
},
{
"category": "self",
"summary": "SUSE Bug 1209645",
"url": "https://bugzilla.suse.com/1209645"
},
{
"category": "self",
"summary": "SUSE Bug 1210907",
"url": "https://bugzilla.suse.com/1210907"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31107 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1387 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1410 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1410/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2023-06-21T11:42:33Z",
"generator": {
"date": "2023-06-21T11:42:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2575-1",
"initial_release_date": "2023-06-21T11:42:33Z",
"revision_history": [
{
"date": "2023-06-21T11:42:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-150200.3.41.3.aarch64",
"product": {
"name": "grafana-9.5.1-150200.3.41.3.aarch64",
"product_id": "grafana-9.5.1-150200.3.41.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-150200.3.41.3.i586",
"product": {
"name": "grafana-9.5.1-150200.3.41.3.i586",
"product_id": "grafana-9.5.1-150200.3.41.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-150200.3.41.3.ppc64le",
"product": {
"name": "grafana-9.5.1-150200.3.41.3.ppc64le",
"product_id": "grafana-9.5.1-150200.3.41.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-150200.3.41.3.s390x",
"product": {
"name": "grafana-9.5.1-150200.3.41.3.s390x",
"product_id": "grafana-9.5.1-150200.3.41.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-150200.3.41.3.x86_64",
"product": {
"name": "grafana-9.5.1-150200.3.41.3.x86_64",
"product_id": "grafana-9.5.1-150200.3.41.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-150200.3.41.3.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
},
"product_reference": "grafana-9.5.1-150200.3.41.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-31097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31097"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31097",
"url": "https://www.suse.com/security/cve/CVE-2022-31097"
},
{
"category": "external",
"summary": "SUSE Bug 1201535 for CVE-2022-31097",
"url": "https://bugzilla.suse.com/1201535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2022-31097"
},
{
"cve": "CVE-2022-31107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31107"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user\u0027s external user id is not already associated with an account in Grafana, the malicious user\u0027s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user\u0027s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31107",
"url": "https://www.suse.com/security/cve/CVE-2022-31107"
},
{
"category": "external",
"summary": "SUSE Bug 1201539 for CVE-2022-31107",
"url": "https://bugzilla.suse.com/1201539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2022-31107"
},
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-35957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-35957"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-35957",
"url": "https://www.suse.com/security/cve/CVE-2022-35957"
},
{
"category": "external",
"summary": "SUSE Bug 1203597 for CVE-2022-35957",
"url": "https://bugzilla.suse.com/1203597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "moderate"
}
],
"title": "CVE-2022-35957"
},
{
"cve": "CVE-2022-36062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36062"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36062",
"url": "https://www.suse.com/security/cve/CVE-2022-36062"
},
{
"category": "external",
"summary": "SUSE Bug 1203596 for CVE-2022-36062",
"url": "https://bugzilla.suse.com/1203596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "moderate"
}
],
"title": "CVE-2022-36062"
},
{
"cve": "CVE-2023-1387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1387"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1387",
"url": "https://www.suse.com/security/cve/CVE-2023-1387"
},
{
"category": "external",
"summary": "SUSE Bug 1210907 for CVE-2023-1387",
"url": "https://bugzilla.suse.com/1210907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "moderate"
}
],
"title": "CVE-2023-1387"
},
{
"cve": "CVE-2023-1410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1410"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1410",
"url": "https://www.suse.com/security/cve/CVE-2023-1410"
},
{
"category": "external",
"summary": "SUSE Bug 1209645 for CVE-2023-1410",
"url": "https://bugzilla.suse.com/1209645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:grafana-9.5.1-150200.3.41.3.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.4:grafana-9.5.1-150200.3.41.3.x86_64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.aarch64",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.ppc64le",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.s390x",
"openSUSE Leap 15.5:grafana-9.5.1-150200.3.41.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:42:33Z",
"details": "moderate"
}
],
"title": "CVE-2023-1410"
}
]
}
SUSE-SU-2023:2579-1
Vulnerability from csaf_suse - Published: 2023-06-21 11:52 - Updated: 2023-06-21 11:52Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
grafana:
- Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):
* Security fixes:
- CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)
- CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests
(bnc#1210907)
- CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)
- CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)
- CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)
- CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)
- CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)
- CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)
- CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
- CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)
- CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes
('Prototype Pollution') (bsc#1192696)
- CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)
- CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function
* Important changes:
- Default named retention policies won't be used to query.
Users who have a default named retention policy in their influxdb database, have to rename it to something else.
To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy
from dropdown and save the panel/dashboard.
- Grafana Alerting rules with NoDataState configuration set to Alerting will now respect 'For' duration.
- Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role
manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes
to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it
will default to false.
- The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version
as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all
InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior.
In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4
and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:
Remove the affected panel and re-create it or edit the `time` field as `Time` in `panel.json`
or `dashboard.json`
- The `@grafana/ui` package helper function `selectOptionInTest` used in frontend tests has been removed as it
caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function
in your tests please update your code accordingly.
- Removed deprecated `checkHealth` prop from the `@grafana/e2e` `addDataSource` configuration. Previously this
value defaulted to `false`, and has not been used in end-to-end tests since Grafana 8.0.3.
- Removed the deprecated `LegacyBaseMap`, `LegacyValueMapping`, `LegacyValueMap`, and `LegacyRangeMap` types, and
`getMappedValue` function from grafana-data. See the documentation for the migration.
This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the
database, or error in querying the database would cause all alert rules to be unscheduled in Grafana.
Following this change scheduled alert rules are not updated unless the query is successful.
- The `get_alert_rules_duration_seconds` metric has been renamed to `schedule_query_alert_rules_duration_seconds`
- Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0
won't be decryptable from any previous version (by default) because the way encrypted secrets are stored into the
database has changed. Although secrets created or modified with previous versions will still be decryptable by
Grafana v9.0.
- If required, although generally discouraged, the `disableEnvelopeEncryption` feature toggle can be enabled to
keep envelope encryption disabled once updating to Grafana
- In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being
created or modified any secret with Grafana v9.0, the `envelopeEncryption` feature toggle will need to be enabled
to keep backwards compatibility (only from `v8.3.x` a bit unstable, from `8.5.x` stable).
- As a final attempt to deal with issues related with the aforementioned situations, the
`grafana-cli admin secrets-migration rollback` command has been designed to move back all the Grafana secrets
encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to
disable envelope encryption and/or roll back to a previous version of Grafana.
Alternatively or complementarily to all the points above, backing up the Grafana database before updating could
be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those
updates/created with after updating to Grafana v9.0).
- In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode
please switch to server access mode on the datasource configuration page.
- Environment variables passed from Grafana to external Azure plugins have been renamed:
`AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`,
`AZURE_MANAGED_IDENTITY_ENABLED` renamed to `GFAZPL_MANAGED_IDENTITY_ENABLED`,
`AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`.
There are no known plugins which were relying on these variables. Moving forward plugins should read Azure
settings only via Grafana Azure SDK which properly handles old and new environment variables.
- Removes support for for ElasticSearch versions after their end-of-life, currently versions < 7.10.0.
To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.
- Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally
removed in 9.0. Deprecated queries will no longer be executed.
- grafana/ui: Button now specifies a default type='button'.
The `Button` component provided by @grafana/ui now specifies a default `type='button'` when no type is provided.
In previous versions, if the attribute was not specified for buttons associated with a `<form>` the
default value was `submit` per the specification. You can preserve the old behavior by explicitly setting the
type attribute: `<Button type='submit' />`
- The `Rename by regex` transformation has been improved to allow global patterns of the form
`/<stringToReplace>/g`.
Depending on the regex match used, this may cause some transformations to behave slightly differently. You can
guarantee the same behaviour as before by wrapping the `match` string in forward slashes (`/`), e.g. `(.*)` would
become `/(.*)/`
- `<Select />` menus will now portal to the document body by default. This is to give more consistent
behaviour when positioning and overlaying. If you were setting`menuShouldPortal={true}` before you can safely
remove that prop and behaviour will be the same. If you weren't explicitly setting that prop, there should be no
visible changes in behaviour but your tests may need updating. If you were setting `menuShouldPortal={false}`
this will continue to prevent the menu from portalling.
- Grafana alerting endpoint prefixed with `api/v1/rule/test` that tests a rule against a Corte/Loki data source now
expects the data source UID as a path parameter instead of the data source numeric identifier.
- Grafana alerting endpoints prefixed with `api/prometheus/` that proxy requests to a Cortex/Loki data source now
expect the data source UID as a path parameter instead of the data source numeric identifier.
- Grafana alerting endpoints prefixed with `api/ruler/` that proxy requests to a Cortex/Loki data source now expect
the data source UID as a path parameter instead of the data
- Grafana alerting endpoints prefixed with `api/alertmanager/` that proxy requests to an Alertmanager now expect
the data source UID as a path parameter instead of the data source numeric identifier.
- The format of log messages have been updated, `lvl` is now `level` and `eror`and `dbug` has been replaced with
`error` and `debug`. The precision of timestamps has been increased.
To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle
`oldlog`.
This option will be removed in a future minor release.
- In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more
efficient format. The query-result is represented by a single dataframe with a 'labels' column, instead of the
separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the
dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or
Transforms were used, adjustments may be necessary. For example, if you used the 'labels to fields'
transformation with the logs data, please switch to the 'extract fields' transformation.
* Deprecations:
- The `grafana_database_conn_*` metrics are deprecated, and will be removed in a future version of Grafana. Use
the `go_sql_stats_*` metrics instead.
- Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when
navigating to Explore using the deprecated format the URLs are automatically converted. If you have
existing links pointing to Explore update them using the format generated by Explore upon navigation.
You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as
an array of strings, for example `&left=['now-1h','now'...]`. The standard explore URLs follow a key/value
pattern, for example `&left={'datasource':'test'...}`. Please be sure to check your dashboards for any
hardcoded links to Explore and update them to the standard URL pattern.
- Chore: Remove deprecated DataSourceAPI methods.
- Data: Remove deprecated types and functions from valueMappings.
- Elasticsearch: Remove browser access mode.
- Elasticsearch: Remove support for versions after their end of the life (<7.10.0).
- Explore: Remove support for legacy, compact format URLs.
- Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.
- `setExploreQueryField`, `setExploreMetricsQueryField` and `setExploreLogsQueryField` are now deprecated and will
be removed in a future release. If you need to set a different query editor for Explore, conditionally render
based on `props.app` in your regular query editor.
* Changes:
- User: Fix externalUserId not being populated.
If you used any of these components please use them from grafana/experimental from now on:
- AccessoryButton
- EditorFieldGroup
- EditorHeader
- EditorField
- EditorRow
- EditorList
- EditorRows
- EditorSwitch
- FlexItem
- Stack
- InlineSelect
- InputGroup
- Space
- Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by
setting the `useLegacyHeatmapPanel` feature flag to true. It can be tested on a single dashbobard by adding
`?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.
- Logger: Enable new logging format by default.
- Loki: Enable new visual query builder by default.
- Plugins: Remove plugin list panel.
- Install wrapper scripts under /usr/sbin
- Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink
for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)
- Chore: Upgrade typescript to 4.6.4.
mgr-daemon:
- Version 4.3.7-1
* Update translation strings
spacecmd:
- Version 4.3.21-1
* fix argument parsing of distribution_update (bsc#1210458)
- Version 4.3.20-1
* Display activation key details after executing the corresponding command (bsc#1208719)
* Show targetted packages before actually removing them (bsc#1207830)
uyuni-common-libs:
- Version 4.3.8-1
* Allow default component for context manager
zypp-plugin-spacewalk:
- 1.0.14
* SPEC file cleanup
Patchnames
SUSE-2023-2579,SUSE-SLE-Manager-Tools-12-2023-2579
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngrafana:\n\n- Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):\n * Security fixes:\n - CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)\n - CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests\n (bnc#1210907)\n - CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)\n - CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)\n - CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)\n - CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)\n - CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)\n - CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)\n - CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor\n - CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)\n - CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes\n (\u0027Prototype Pollution\u0027) (bsc#1192696)\n - CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)\n - CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function \n * Important changes:\n - Default named retention policies won\u0027t be used to query.\n Users who have a default named retention policy in their influxdb database, have to rename it to something else.\n To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy\n from dropdown and save the panel/dashboard.\n - Grafana Alerting rules with NoDataState configuration set to Alerting will now respect \u0027For\u0027 duration.\n - Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role\n manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes\n to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it\n will default to false.\n - The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version\n as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all\n InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior. \n In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4\n and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:\n Remove the affected panel and re-create it or edit the `time` field as `Time` in `panel.json` \n or `dashboard.json`\n - The `@grafana/ui` package helper function `selectOptionInTest` used in frontend tests has been removed as it\n caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function\n in your tests please update your code accordingly.\n - Removed deprecated `checkHealth` prop from the `@grafana/e2e` `addDataSource` configuration. Previously this\n value defaulted to `false`, and has not been used in end-to-end tests since Grafana 8.0.3.\n - Removed the deprecated `LegacyBaseMap`, `LegacyValueMapping`, `LegacyValueMap`, and `LegacyRangeMap` types, and\n `getMappedValue` function from grafana-data. See the documentation for the migration.\n This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the\n database, or error in querying the database would cause all alert rules to be unscheduled in Grafana. \n Following this change scheduled alert rules are not updated unless the query is successful.\n - The `get_alert_rules_duration_seconds` metric has been renamed to `schedule_query_alert_rules_duration_seconds`\n - Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0\n won\u0027t be decryptable from any previous version (by default) because the way encrypted secrets are stored into the\n database has changed. Although secrets created or modified with previous versions will still be decryptable by\n Grafana v9.0.\n - If required, although generally discouraged, the `disableEnvelopeEncryption` feature toggle can be enabled to\n keep envelope encryption disabled once updating to Grafana\n - In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being\n created or modified any secret with Grafana v9.0, the `envelopeEncryption` feature toggle will need to be enabled\n to keep backwards compatibility (only from `v8.3.x` a bit unstable, from `8.5.x` stable).\n - As a final attempt to deal with issues related with the aforementioned situations, the \n `grafana-cli admin secrets-migration rollback` command has been designed to move back all the Grafana secrets\n encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to\n disable envelope encryption and/or roll back to a previous version of Grafana.\n Alternatively or complementarily to all the points above, backing up the Grafana database before updating could\n be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those \n updates/created with after updating to Grafana v9.0).\n - In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode\n please switch to server access mode on the datasource configuration page.\n - Environment variables passed from Grafana to external Azure plugins have been renamed:\n `AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`,\n `AZURE_MANAGED_IDENTITY_ENABLED` renamed to `GFAZPL_MANAGED_IDENTITY_ENABLED`,\n `AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`.\n There are no known plugins which were relying on these variables. Moving forward plugins should read Azure\n settings only via Grafana Azure SDK which properly handles old and new environment variables.\n - Removes support for for ElasticSearch versions after their end-of-life, currently versions \u003c 7.10.0.\n To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.\n - Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally\n removed in 9.0. Deprecated queries will no longer be executed.\n - grafana/ui: Button now specifies a default type=\u0027button\u0027.\n The `Button` component provided by @grafana/ui now specifies a default `type=\u0027button\u0027` when no type is provided.\n In previous versions, if the attribute was not specified for buttons associated with a `\u003cform\u003e` the\n default value was `submit` per the specification. You can preserve the old behavior by explicitly setting the\n type attribute: `\u003cButton type=\u0027submit\u0027 /\u003e`\n - The `Rename by regex` transformation has been improved to allow global patterns of the form \n `/\u003cstringToReplace\u003e/g`.\n Depending on the regex match used, this may cause some transformations to behave slightly differently. You can\n guarantee the same behaviour as before by wrapping the `match` string in forward slashes (`/`), e.g. `(.*)` would\n become `/(.*)/`\n - `\u003cSelect /\u003e` menus will now portal to the document body by default. This is to give more consistent\n behaviour when positioning and overlaying. If you were setting`menuShouldPortal={true}` before you can safely \n remove that prop and behaviour will be the same. If you weren\u0027t explicitly setting that prop, there should be no\n visible changes in behaviour but your tests may need updating. If you were setting `menuShouldPortal={false}`\n this will continue to prevent the menu from portalling.\n - Grafana alerting endpoint prefixed with `api/v1/rule/test` that tests a rule against a Corte/Loki data source now\n expects the data source UID as a path parameter instead of the data source numeric identifier.\n - Grafana alerting endpoints prefixed with `api/prometheus/` that proxy requests to a Cortex/Loki data source now\n expect the data source UID as a path parameter instead of the data source numeric identifier.\n - Grafana alerting endpoints prefixed with `api/ruler/` that proxy requests to a Cortex/Loki data source now expect\n the data source UID as a path parameter instead of the data\n - Grafana alerting endpoints prefixed with `api/alertmanager/` that proxy requests to an Alertmanager now expect\n the data source UID as a path parameter instead of the data source numeric identifier.\n - The format of log messages have been updated, `lvl` is now `level` and `eror`and `dbug` has been replaced with\n `error` and `debug`. The precision of timestamps has been increased.\n To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle\n `oldlog`.\n This option will be removed in a future minor release.\n - In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more\n efficient format. The query-result is represented by a single dataframe with a \u0027labels\u0027 column, instead of the\n separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the\n dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or\n Transforms were used, adjustments may be necessary. For example, if you used the \u0027labels to fields\u0027 \n transformation with the logs data, please switch to the \u0027extract fields\u0027 transformation.\n * Deprecations:\n - The `grafana_database_conn_*` metrics are deprecated, and will be removed in a future version of Grafana. Use \n the `go_sql_stats_*` metrics instead.\n - Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when\n navigating to Explore using the deprecated format the URLs are automatically converted. If you have\n existing links pointing to Explore update them using the format generated by Explore upon navigation.\n You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as\n an array of strings, for example `\u0026left=[\u0027now-1h\u0027,\u0027now\u0027...]`. The standard explore URLs follow a key/value\n pattern, for example `\u0026left={\u0027datasource\u0027:\u0027test\u0027...}`. Please be sure to check your dashboards for any\n hardcoded links to Explore and update them to the standard URL pattern.\n - Chore: Remove deprecated DataSourceAPI methods.\n - Data: Remove deprecated types and functions from valueMappings.\n - Elasticsearch: Remove browser access mode.\n - Elasticsearch: Remove support for versions after their end of the life (\u003c7.10.0).\n - Explore: Remove support for legacy, compact format URLs.\n - Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.\n - `setExploreQueryField`, `setExploreMetricsQueryField` and `setExploreLogsQueryField` are now deprecated and will\n be removed in a future release. If you need to set a different query editor for Explore, conditionally render\n based on `props.app` in your regular query editor.\n * Changes:\n - User: Fix externalUserId not being populated.\n If you used any of these components please use them from grafana/experimental from now on:\n - AccessoryButton\n - EditorFieldGroup\n - EditorHeader\n - EditorField\n - EditorRow\n - EditorList\n - EditorRows\n - EditorSwitch\n - FlexItem\n - Stack\n - InlineSelect\n - InputGroup\n - Space\n - Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by\n setting the `useLegacyHeatmapPanel` feature flag to true. It can be tested on a single dashbobard by adding\n `?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.\n - Logger: Enable new logging format by default.\n - Loki: Enable new visual query builder by default.\n - Plugins: Remove plugin list panel.\n - Install wrapper scripts under /usr/sbin\n - Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink \n for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)\n - Chore: Upgrade typescript to 4.6.4.\n\nmgr-daemon:\n\n- Version 4.3.7-1\n * Update translation strings\n\nspacecmd:\n\n- Version 4.3.21-1\n * fix argument parsing of distribution_update (bsc#1210458)\n- Version 4.3.20-1\n * Display activation key details after executing the corresponding command (bsc#1208719)\n * Show targetted packages before actually removing them (bsc#1207830)\n\nuyuni-common-libs:\n\n- Version 4.3.8-1\n * Allow default component for context manager\n\nzypp-plugin-spacewalk:\n\n- 1.0.14\n * SPEC file cleanup\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2579,SUSE-SLE-Manager-Tools-12-2023-2579",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2579-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2579-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232579-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2579-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029950.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047218",
"url": "https://bugzilla.suse.com/1047218"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1201535",
"url": "https://bugzilla.suse.com/1201535"
},
{
"category": "self",
"summary": "SUSE Bug 1201539",
"url": "https://bugzilla.suse.com/1201539"
},
{
"category": "self",
"summary": "SUSE Bug 1203185",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "self",
"summary": "SUSE Bug 1203596",
"url": "https://bugzilla.suse.com/1203596"
},
{
"category": "self",
"summary": "SUSE Bug 1203597",
"url": "https://bugzilla.suse.com/1203597"
},
{
"category": "self",
"summary": "SUSE Bug 1203599",
"url": "https://bugzilla.suse.com/1203599"
},
{
"category": "self",
"summary": "SUSE Bug 1204501",
"url": "https://bugzilla.suse.com/1204501"
},
{
"category": "self",
"summary": "SUSE Bug 1207830",
"url": "https://bugzilla.suse.com/1207830"
},
{
"category": "self",
"summary": "SUSE Bug 1208719",
"url": "https://bugzilla.suse.com/1208719"
},
{
"category": "self",
"summary": "SUSE Bug 1208965",
"url": "https://bugzilla.suse.com/1208965"
},
{
"category": "self",
"summary": "SUSE Bug 1209645",
"url": "https://bugzilla.suse.com/1209645"
},
{
"category": "self",
"summary": "SUSE Bug 1210458",
"url": "https://bugzilla.suse.com/1210458"
},
{
"category": "self",
"summary": "SUSE Bug 1210907",
"url": "https://bugzilla.suse.com/1210907"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27191 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31107 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1387 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1410 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1410/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2023-06-21T11:52:13Z",
"generator": {
"date": "2023-06-21T11:52:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2579-1",
"initial_release_date": "2023-06-21T11:52:13Z",
"revision_history": [
{
"date": "2023-06-21T11:52:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-1.48.1.aarch64",
"product": {
"name": "grafana-9.5.1-1.48.1.aarch64",
"product_id": "grafana-9.5.1-1.48.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"product_id": "python2-uyuni-common-libs-4.3.8-1.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-1.12.1.aarch64",
"product": {
"name": "wire-0.5.0-1.12.1.aarch64",
"product_id": "wire-0.5.0-1.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-1.48.1.i586",
"product": {
"name": "grafana-9.5.1-1.48.1.i586",
"product_id": "grafana-9.5.1-1.48.1.i586"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.i586",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.i586",
"product_id": "python2-uyuni-common-libs-4.3.8-1.33.1.i586"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-1.12.1.i586",
"product": {
"name": "wire-0.5.0-1.12.1.i586",
"product_id": "wire-0.5.0-1.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-daemon-4.3.7-1.41.1.noarch",
"product": {
"name": "mgr-daemon-4.3.7-1.41.1.noarch",
"product_id": "mgr-daemon-4.3.7-1.41.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"product": {
"name": "python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"product_id": "python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.3.21-38.121.1.noarch",
"product": {
"name": "spacecmd-4.3.21-38.121.1.noarch",
"product_id": "spacecmd-4.3.21-38.121.1.noarch"
}
},
{
"category": "product_version",
"name": "zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"product": {
"name": "zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"product_id": "zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-1.48.1.ppc64le",
"product": {
"name": "grafana-9.5.1-1.48.1.ppc64le",
"product_id": "grafana-9.5.1-1.48.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"product_id": "python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-1.12.1.ppc64le",
"product": {
"name": "wire-0.5.0-1.12.1.ppc64le",
"product_id": "wire-0.5.0-1.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.s390",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.s390",
"product_id": "python2-uyuni-common-libs-4.3.8-1.33.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-1.48.1.s390x",
"product": {
"name": "grafana-9.5.1-1.48.1.s390x",
"product_id": "grafana-9.5.1-1.48.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"product_id": "python2-uyuni-common-libs-4.3.8-1.33.1.s390x"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-1.12.1.s390x",
"product": {
"name": "wire-0.5.0-1.12.1.s390x",
"product_id": "wire-0.5.0-1.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.5.1-1.48.1.x86_64",
"product": {
"name": "grafana-9.5.1-1.48.1.x86_64",
"product_id": "grafana-9.5.1-1.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"product_id": "python2-uyuni-common-libs-4.3.8-1.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "wire-0.5.0-1.12.1.x86_64",
"product": {
"name": "wire-0.5.0-1.12.1.x86_64",
"product_id": "wire-0.5.0-1.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 12",
"product": {
"name": "SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-1.48.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64"
},
"product_reference": "grafana-9.5.1-1.48.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-1.48.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le"
},
"product_reference": "grafana-9.5.1-1.48.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-1.48.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x"
},
"product_reference": "grafana-9.5.1-1.48.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.1-1.48.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64"
},
"product_reference": "grafana-9.5.1-1.48.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-daemon-4.3.7-1.41.1.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch"
},
"product_reference": "mgr-daemon-4.3.7-1.41.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.aarch64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64"
},
"product_reference": "python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le"
},
"product_reference": "python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.s390x as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x"
},
"product_reference": "python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-4.3.8-1.33.1.x86_64 as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64"
},
"product_reference": "python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
},
"product_reference": "python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.21-38.121.1.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch"
},
"product_reference": "spacecmd-4.3.21-38.121.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zypp-plugin-spacewalk-1.0.14-30.42.1.noarch as component of SUSE Manager Client Tools 12",
"product_id": "SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
},
"product_reference": "zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-27191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27191"
}
],
"notes": [
{
"category": "general",
"text": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27191",
"url": "https://www.suse.com/security/cve/CVE-2022-27191"
},
{
"category": "external",
"summary": "SUSE Bug 1197284 for CVE-2022-27191",
"url": "https://bugzilla.suse.com/1197284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-31097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31097"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31097",
"url": "https://www.suse.com/security/cve/CVE-2022-31097"
},
{
"category": "external",
"summary": "SUSE Bug 1201535 for CVE-2022-31097",
"url": "https://bugzilla.suse.com/1201535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2022-31097"
},
{
"cve": "CVE-2022-31107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31107"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user\u0027s external user id is not already associated with an account in Grafana, the malicious user\u0027s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user\u0027s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31107",
"url": "https://www.suse.com/security/cve/CVE-2022-31107"
},
{
"category": "external",
"summary": "SUSE Bug 1201539 for CVE-2022-31107",
"url": "https://bugzilla.suse.com/1201539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2022-31107"
},
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-35957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-35957"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-35957",
"url": "https://www.suse.com/security/cve/CVE-2022-35957"
},
{
"category": "external",
"summary": "SUSE Bug 1203597 for CVE-2022-35957",
"url": "https://bugzilla.suse.com/1203597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-35957"
},
{
"cve": "CVE-2022-36062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36062"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36062",
"url": "https://www.suse.com/security/cve/CVE-2022-36062"
},
{
"category": "external",
"summary": "SUSE Bug 1203596 for CVE-2022-36062",
"url": "https://bugzilla.suse.com/1203596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-36062"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-46146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46146"
}
],
"notes": [
{
"category": "general",
"text": "Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users\u0027 bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46146",
"url": "https://www.suse.com/security/cve/CVE-2022-46146"
},
{
"category": "external",
"summary": "SUSE Bug 1208046 for CVE-2022-46146",
"url": "https://bugzilla.suse.com/1208046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "important"
}
],
"title": "CVE-2022-46146"
},
{
"cve": "CVE-2023-1387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1387"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1387",
"url": "https://www.suse.com/security/cve/CVE-2023-1387"
},
{
"category": "external",
"summary": "SUSE Bug 1210907 for CVE-2023-1387",
"url": "https://bugzilla.suse.com/1210907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-1387"
},
{
"cve": "CVE-2023-1410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1410"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1410",
"url": "https://www.suse.com/security/cve/CVE-2023-1410"
},
{
"category": "external",
"summary": "SUSE Bug 1209645 for CVE-2023-1410",
"url": "https://bugzilla.suse.com/1209645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.aarch64",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.ppc64le",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.s390x",
"SUSE Manager Client Tools 12:grafana-9.5.1-1.48.1.x86_64",
"SUSE Manager Client Tools 12:mgr-daemon-4.3.7-1.41.1.noarch",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.aarch64",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.ppc64le",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.s390x",
"SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.8-1.33.1.x86_64",
"SUSE Manager Client Tools 12:python2-zypp-plugin-spacewalk-1.0.14-30.42.1.noarch",
"SUSE Manager Client Tools 12:spacecmd-4.3.21-38.121.1.noarch",
"SUSE Manager Client Tools 12:zypp-plugin-spacewalk-1.0.14-30.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-21T11:52:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-1410"
}
]
}
SUSE-SU-2024:0191-1
Vulnerability from csaf_suse - Published: 2024-01-23 15:18 - Updated: 2024-01-23 15:18Summary
Security Beta update for SUSE Manager Client Tools
Notes
Title of the patch
Security Beta update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-QubitProducts-exporter_exporter:
- Exclude s390 arch
- Adapted to build on Enterprise Linux.
- Fix build for RedHat 7
- Require Go >= 1.14 also for CentOS
- Add support for CentOS
- Replace %{?systemd_requires} with %{?systemd_ordering}
golang-github-boynux-squid_exporter:
- Exclude s390 architecture (gh#SUSE/spacewalk#19050)
- Enhanced to build on Enterprise Linux 8.
golang-github-lusitaniae-apache_exporter:
- Do not strip if SUSE Linux Enterprise 15 SP3
- Exclude debug for RHEL >= 8
- Build with Go >= 1.20 when the OS is not RHEL
- Fix apparmor profile for SLE 12
- Upgrade to version 1.0.0 (jsc#PED-5405)
* Improved flag parsing
* Added support for custom headers
- Build using promu
- Fix sandboxing options
- Upgrade to version 0.13.4
* CVE-2022-32149: Fix denial of service vulnerability (bsc#1204501)
- Upgrade to version 0.13.3
* CVE-2022-41723: Fix uncontrolled resource consumption (bsc#1208270)
- Upgrade to version 0.13.1
* Fix panic caused by missing flagConfig options
- Upgrade to version 0.13.0
* CVE-2022-46146: Fix authentication bypass vulnarability (bsc#1208046)
- Corrected comment in AppArmor profile
- Added AppArmor profile
- Added sandboxing options to systemd service unit
- Exclude s390 architecture (gh#SUSE/spacewalk#19050)
- Update to upstream release 0.11.0 (jsc#SLE-24791)
* Add TLS support
* Switch to logger, please check --log.level and --log.format flags
- Update to version 0.10.1
* Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale data
- Update to version 0.10.0
* Add Apache Proxy and other metrics
- Update to version 0.8.0
* Change commandline flags
* Add metrics: Apache version, request duration total
- Adapted to build on Enterprise Linux 8
- Require building with Go 1.15
- Add support for RedHat 8
- Adjust dependencies on spec file
- Disable dwarf compression in go build
- Add support for Red Hat
- Add %license macro for LICENSE file
golang-github-prometheus-alertmanager:
- Do not create PIE for s390x architecture
- Require Go 1.20 or newer for building
- Remove not used build flags
- Create position independent executables (PIE)
- Disable striping the binaries only for SLE 15 SP3
- Add System/Monitoring group tag
- Rework service file to use obscpio
* Run tar and recompress services at buildtime
* Do not generate automatically changelog entries
- Update to version 0.26.0 (jsc#PED-7353):
https://github.com/prometheus/alertmanager/releases/tag/v0.26.0
* CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint in the Alertmanager UI (bsc#1218838)
* Configuration: Fix empty list of receivers and inhibit_rules would cause the alertmanager to crash
* Templating: Fixed a race condition when using the title
function. It is now race-safe
* API: Fixed duplicate receiver names in the api/v2/receivers API
endpoint
* API: Attempting to delete a silence now returns the correct
status code, 404 instead of 500
* Clustering: Fixes a panic when tls_client_config is empty
* Webhook: url is now marked as a secret. It will no longer show
up in the logs as clear-text
* Metrics: New label reason for
alertmanager_notifications_failed_total metric to indicate the
type of error of the alert delivery
* Clustering: New flag --cluster.label, to help to block any
traffic that is not meant for the cluster
* Integrations: Add Microsoft Teams as a supported integration
- Update to version 0.25.0:
https://github.com/prometheus/alertmanager/releases/tag/v0.25.0
* Fail configuration loading if api_key and api_key_file are
defined at the same time
* Fix the alertmanager_alerts metric to avoid counting resolved
alerts as active. Also added a new alertmanager_marked_alerts
metric that retain the old behavior
* Trim contents of Slack API URLs when reading from files
* amtool: Avoid panic when the label value matcher is empty
* Fail configuration loading if api_url is empty for OpsGenie
* Fix email template for resolved notifications
* Add proxy_url support for OAuth2 in HTTP client configuration
* Reload TLS certificate and key from disk when updated
* Add Discord integration
* Add Webex integration
* Add min_version support to select the minimum TLS version in
HTTP client configuration
* Add max_version support to select the maximum TLS version in
* Emit warning logs when truncating messages in notifications
* Support HEAD method for the /-/healty and /-/ready endpoints
* Add support for reading global and local SMTP passwords from
files
* UI: Add 'Link' button to alerts in list
* UI: Allow to choose the first day of the week as Sunday or
Monday
- Update to version 0.24.0:
https://github.com/prometheus/alertmanager/releases/tag/v0.24.0
* Fix HTTP client configuration for the SNS receiver
* Fix unclosed file descriptor after reading the silences
snapshot file
* Fix field names for mute_time_intervals in JSON marshaling
* Ensure that the root route doesn't have any matchers
* Truncate the message's title to 1024 chars to avoid hitting
Slack limits
* Fix the default HTML email template (email.default.html) to
match with the canonical source
* Detect SNS FIFO topic based on the rendered value
* Avoid deleting and recreating a silence when an update is
possible
* api/v2: Return 200 OK when deleting an expired silence
* amtool: Fix the silence's end date when adding a silence. The
end date is (start date + duration) while it used to be
(current time + duration). The new behavior is consistent with
the update operation
* Add the /api/v2 prefix to all endpoints in the OpenAPI
specification and generated client code
* Add --cluster.tls-config experimental flag to secure cluster
traffic via mutual TLS
* Add Telegram integration
- CVE-2022-46146: Prevent authentication bypass via cache poisoning (bsc#1208051)
- Do not include sources (bsc#1200725)
golang-github-prometheus-node_exporter:
- Remove node_exporter-1.5.0.tar.gz
- Execute tar and recompress service modules at buildtime
- Update to 1.5.0 (jsc#PED-3578):
* NOTE: This changes the Go runtime 'GOMAXPROCS' to 1. This is done to limit the
concurrency of the exporter to 1 CPU thread at a time in order to avoid a
race condition problem in the Linux kernel (#2500) and parallel IO issues
on nodes with high numbers of CPUs/CPU threads (#1880).
* [CHANGE] Default GOMAXPROCS to 1 #2530
* [FEATURE] Add multiple listeners and systemd socket listener activation #2393
* [ENHANCEMENT] Add RTNL version of netclass collector #2492, #2528
* [BUGFIX] Fix hwmon label sanitizer #2504
* [BUGFIX] Use native endianness when encoding InetDiagMsg #2508
* [BUGFIX] Fix btrfs device stats always being zero #2516
- Update to 1.4.1:
* [BUGFIX] Fix diskstats exclude flags #2487
* [SECURITY] CVE-2022-27191, CVE-2022-27664: Update go/x/crypto and go/x/net (bsc#1197284, bsc#1203185)
* [SECURITY] CVE-2022-46146: Update exporter-toolkit (bsc#1208064)
- Update to 1.4.0:
* [CHANGE] Merge metrics descriptions in textfile collector #2475
* [FEATURE] [node-mixin] Add darwin dashboard to mixin #2351
* [FEATURE] Add 'isolated' metric on cpu collector on linux #2251
* [FEATURE] Add cgroup summary collector #2408
* [FEATURE] Add selinux collector #2205
* [FEATURE] Add slab info collector #2376
* [FEATURE] Add sysctl collector #2425
* [FEATURE] Also track the CPU Spin time for OpenBSD systems #1971
* [FEATURE] Add support for MacOS version #2471
* [ENHANCEMENT] [node-mixin] Add missing selectors #2426
* [ENHANCEMENT] [node-mixin] Change current datasource to grafana's default #2281
* [ENHANCEMENT] [node-mixin] Change disk graph to disk table #2364
* [ENHANCEMENT] [node-mixin] Change io time units to %util #2375
* [ENHANCEMENT] Ad user_wired_bytes and laundry_bytes on *bsd #2266
* [ENHANCEMENT] Add additional vm_stat memory metrics for darwin #2240
* [ENHANCEMENT] Add device filter flags to arp collector #2254
* [ENHANCEMENT] Add diskstats include and exclude device flags #2417
* [ENHANCEMENT] Add node_softirqs_total metric #2221
* [ENHANCEMENT] Add rapl zone name label option #2401
* [ENHANCEMENT] Add slabinfo collector #1799
* [ENHANCEMENT] Allow user to select port on NTP server to query #2270
* [ENHANCEMENT] collector/diskstats: Add labels and metrics from udev #2404
* [ENHANCEMENT] Enable builds against older macOS SDK #2327
* [ENHANCEMENT] qdisk-linux: Add exclude and include flags for interface name #2432
* [ENHANCEMENT] systemd: Expose systemd minor version #2282
* [ENHANCEMENT] Use netlink for tcpstat collector #2322
* [ENHANCEMENT] Use netlink to get netdev stats #2074
* [ENHANCEMENT] Add additional perf counters for stalled frontend/backend cycles #2191
* [ENHANCEMENT] Add btrfs device error stats #2193
* [BUGFIX] [node-mixin] Fix fsSpaceAvailableCriticalThreshold and fsSpaceAvailableWarning #2352
* [BUGFIX] Fix concurrency issue in ethtool collector #2289
* [BUGFIX] Fix concurrency issue in netdev collector #2267
* [BUGFIX] Fix diskstat reads and write metrics for disks with different sector sizes #2311
* [BUGFIX] Fix iostat on macos broken by deprecation warning #2292
* [BUGFIX] Fix NodeFileDescriptorLimit alerts #2340
* [BUGFIX] Sanitize rapl zone names #2299
* [BUGFIX] Add file descriptor close safely in test #2447
* [BUGFIX] Fix race condition in os_release.go #2454
* [BUGFIX] Skip ZFS IO metrics if their paths are missing #2451
- BuildRequire go1.18 OR HIGHER (previously this was fixed to 1.14)
- Update to 1.3.1
* [BUGFIX] Handle nil CPU thermal power status on M1 #2218
* [BUGFIX] bsd: Ignore filesystems flagged as MNT_IGNORE. #2227
* [BUGFIX] Sanitize UTF-8 in dmi collector #2229
- Exclude s390 arch.
- Update spec file in order to make --version work (bsc#1196652)
golang-github-prometheus-prometheus:
- Update to 2.45.0 (jsc#PED-5406):
* [FEATURE] API: New limit parameter to limit the number of items
returned by `/api/v1/status/tsdb` endpoint.
* [FEATURE] Config: Add limits to global config.
* [FEATURE] Consul SD: Added support for `path_prefix`.
* [FEATURE] Native histograms: Add option to scrape both classic
and native histograms.
* [FEATURE] Native histograms: Added support for two more
arithmetic operators `avg_over_time` and `sum_over_time`.
* [FEATURE] Promtool: When providing the block id, only one block
will be loaded and analyzed.
* [FEATURE] Remote-write: New Azure ad configuration to support
remote writing directly to Azure Monitor workspace.
* [FEATURE] TSDB: Samples per chunk are now configurable with
flag `storage.tsdb.samples-per-chunk`. By default set to its
former value 120.
* [ENHANCEMENT] Native histograms: bucket size can now be limited
to avoid scrape fails.
* [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL
sooner.
* [BUGFIX] Native histograms: ChunkSeries iterator now checks if
a new sample can be appended to the open chunk.
* [BUGFIX] Native histograms: Fix Histogram Appender
`Appendable()` segfault.
* [BUGFIX] Native histograms: Fix setting reset header to gauge
histograms in seriesToChunkEncoder.
* [BUGFIX] TSDB: Tombstone intervals are not modified after Get()
call.
* [BUGFIX] TSDB: Use path/filepath to set the WAL directory.
- Update to 2.44.0:
* [FEATURE] Remote-read: Handle native histograms.
* [FEATURE] Promtool: Health and readiness check of prometheus
server in CLI.
* [FEATURE] PromQL: Add `query_samples_total` metric, the total
number of samples loaded by all queries.
* [ENHANCEMENT] Storage: Optimise buffer used to iterate through
samples.
* [ENHANCEMENT] Scrape: Reduce memory allocations on target
labels.
* [ENHANCEMENT] PromQL: Use faster heap method for `topk()` /
`bottomk()`.
* [ENHANCEMENT] Rules API: Allow filtering by rule name.
* [ENHANCEMENT] Native Histograms: Various fixes and
improvements.
* [ENHANCEMENT] UI: Search of scraping pools is now
case-insensitive.
* [ENHANCEMENT] TSDB: Add an affirmative log message for
successful WAL repair.
* [BUGFIX] TSDB: Block compaction failed when shutting down.
* [BUGFIX] TSDB: Out-of-order chunks could be ignored if the
write-behind log was deleted.
- Update to 2.43.1
* [BUGFIX] Labels: Set() after Del() would be ignored, which
broke some relabeling rules.
- Update to 2.43.0:
* [FEATURE] Promtool: Add HTTP client configuration to query
commands.
* [FEATURE] Scrape: Add `include_scrape_configs` to include
scrape configs from different files.
* [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from
proxied requests.
* [FEATURE] HTTP client: Add `proxy_from_enviroment` to read
proxies from env variables.
* [ENHANCEMENT] API: Add support for setting lookback delta per
query via the API.
* [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499
if a request is canceled.
* [ENHANCEMENT] Scrape: Allow exemplars for all metric types.
* [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders
size.
* [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot
with index that is ahead of WAL.
* [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to
be more comprehensible.
* [ENHANCEMENT] UI: Scope `group by` labels to metric in
autocompletion.
* [BUGFIX] Scrape: Fix
`prometheus_target_scrape_pool_target_limit` metric not set
before reloading.
* [BUGFIX] TSDB: Correctly update
`prometheus_tsdb_head_chunks_removed_total` and
`prometheus_tsdb_head_chunks` metrics when reading WAL.
* [BUGFIX] TSDB: Use the correct unit (seconds) when recording
out-of-order append deltas in the
`prometheus_tsdb_sample_ooo_delta` metric.
- Update to 2.42.0:
This release comes with a bunch of feature coverage for native
histograms and breaking changes.
If you are trying native histograms already, we recommend you
remove the `wal` directory when upgrading.
Because the old WAL record for native histograms is not
backward compatible in v2.42.0, this will lead to some data
loss for the latest data.
Additionally, if you scrape 'float histograms' or use recording
rules on native histograms in v2.42.0 (which writes float
histograms), it is a one-way street since older versions do not
support float histograms.
* [CHANGE] **breaking** TSDB: Changed WAL record format for the
experimental native histograms.
* [FEATURE] Add 'keep_firing_for' field to alerting rules.
* [FEATURE] Promtool: Add support of selecting timeseries for
TSDB dump.
* [ENHANCEMENT] Agent: Native histogram support.
* [ENHANCEMENT] Rules: Support native histograms in recording
rules.
* [ENHANCEMENT] SD: Add container ID as a meta label for pod
targets for Kubernetes.
* [ENHANCEMENT] SD: Add VM size label to azure service
discovery.
* [ENHANCEMENT] Support native histograms in federation.
* [ENHANCEMENT] TSDB: Add gauge histogram support.
* [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that
represents buckets as float64 values.
* [ENHANCEMENT] UI: Show individual scrape pools on /targets
page.
- Update to 2.41.0:
* [FEATURE] Relabeling: Add keepequal and dropequal relabel
actions.
* [FEATURE] Add support for HTTP proxy headers.
* [ENHANCEMENT] Reload private certificates when changed on disk.
* [ENHANCEMENT] Add max_version to specify maximum TLS version in
tls_config.
* [ENHANCEMENT] Add goos and goarch labels to
prometheus_build_info.
* [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.
* [ENHANCEMENT] SD: Add new metric
prometheus_sd_file_watcher_errors_total.
* [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.
* [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in
iterators.
* [ENHANCEMENT] TSDB: Optimize postings offset table reading.
* [BUGFIX] Scrape: Validate the metric name, label names, and
label values after relabeling.
* [BUGFIX] Remote Write receiver and rule manager: Fix error
handling.
- Update to 2.40.7:
* [BUGFIX] TSDB: Fix queries involving negative buckets of native
histograms.
- Update to 2.40.5:
* [BUGFIX] TSDB: Fix queries involving native histograms due to
improper reset of iterators.
- Update to 2.40.3:
* [BUGFIX] TSDB: Fix compaction after a deletion is called.
- Update to 2.40.2:
* [BUGFIX] UI: Fix black-on-black metric name color in dark mode.
- Update to 2.40.1:
* [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit
architecture.
* [BUGFIX] Scrape: Fix accept headers.
- Update to 2.40.0:
* [FEATURE] Add experimental support for native histograms.
Enable with the flag --enable-feature=native-histograms.
* [FEATURE] SD: Add service discovery for OVHcloud.
* [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.
* [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved
sorting speed.
* [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds
__meta_consul_partition label. Adds partition config in
consul_sd_config.
* [BUGFIX] API: Fix API error codes for /api/v1/labels and
/api/v1/series.
- Update to 2.39.1:
* [BUGFIX] Rules: Fix notifier relabel changing the labels on
active alerts.
- Update to 2.39.0:
* [FEATURE] experimental TSDB: Add support for ingesting
out-of-order samples. This is configured via
out_of_order_time_window field in the config file; check config
file docs for more info.
* [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also
respond to a HEAD request on top of existing GET support.
* [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.
* [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.
* [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region
label.
* [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.
* [ENHANCEMENT] TSDB: Improve WAL replay timings.
* [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary
data in the memory.
* [ENHANCEMENT] TSDB: Allow overlapping blocks by default.
--storage.tsdb.allow-overlapping-blocks now has no effect.
* [ENHANCEMENT] UI: Click to copy label-value pair from query
result to clipboard.
* [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a
memory leak.
* [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus
startup.
* [BUGFIX] PromQL: Properly close file descriptor when logging
unfinished queries.
* [BUGFIX] Agent: Fix validation of flag options and prevent WAL
from growing more than desired.
- Update to 2.38.0:
* [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint
that allows pretty-formatting PromQL expressions.
* [FEATURE]: UI: Add support for formatting PromQL expressions in
the UI.
* [FEATURE]: DNS SD: Support MX records for discovering targets.
* [FEATURE]: Templates: Add toTime() template function that
allows converting sample timestamps to Go time.Time values.
* [ENHANCEMENT]: Kubernetes SD: Add
__meta_kubernetes_service_port_number meta label indicating the
service port number.
__meta_kubernetes_pod_container_image meta label indicating the
container image.
* [ENHANCEMENT]: PromQL: When a query panics, also log the query
itself alongside the panic message.
* [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve
the contrast ratio.
* [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding
locks and using atomic types instead.
* [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature
flag, which omits or removes any default HTTP (:80) or HTTPS
(:443) ports in the target's scrape address.
* [BUGFIX]: TSDB: In the WAL watcher metrics, expose the
type='exemplar' label instead of type='unknown' for exemplar
records.
* [BUGFIX]: TSDB: Fix race condition around allocating series IDs
during chunk snapshot loading.
- Remove npm_licenses.tar.bz2 during 'make clean'
- Remove web-ui archives during 'make clean'.
- Require promu >= 0.14.0 for building
- Upgrade to version 2.37.6
* Require Go 1.19
- Upgrade to version 2.37.5
* [SECURITY] Security upgrade from go and upstream dependencies
that include security fixes to the net/http and os packages.
- Upgrade to version 2.37.4
* [SECURITY] CVE-2022-46146: Fix basic authentication bypass vulnerability (bsc#1208049, jsc#PED-3576)
- Upgrade to version 2.37.3
* [BUGFIX] CVE-2022-41715: Update our regexp library to fix upstream vulnerability (bnc#1204023)
* [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a
memory leak.
- Upgrade to version 2.37.2
* [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus
startup.
* [BUGFIX] Agent: Fix validation of flag options and prevent WAL
from growing more than desired.
- Upgrade to version 2.37.1
* [BUGFIX] Properly close file descriptor when logging unfinished
queries.
* [BUGFIX] TSDB: In the WAL watcher metrics, expose the
- Upgrade to version 2.37.0
* [FEATURE] Nomad SD: New service discovery for Nomad built-in
service discovery.
* [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for
endpoint role.
* [ENHANCEMENT] PromQL: Optimise creation of signature
with/without labels.
* [ENHANCEMENT] TSDB: Memory optimizations.
* [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.
* [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent
header.
* [BUGFIX] Alerting: Fix Alertmanager targets not being updated
when alerts were queued.
* [BUGFIX] Hetzner SD: Make authentication files relative to
Prometheus config file.
* [BUGFIX] Promtool: Fix promtool check config not erroring
properly on failures.
* [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on
reloads.
* [BUGFIX] TSDB: Don't increment
prometheus_tsdb_compactions_failed_total when context is
canceled.
* [BUGFIX] TSDB: Fix panic if series is not found when deleting
series.
* [BUGFIX] TSDB: Increase
prometheus_tsdb_mmap_chunk_corruptions_total on out of sequence
errors.
* [BUGFIX] Uyuni SD: Make authentication files relative to
Prometheus configuration file and fix default configuration
values.
- Upgrade to version 2.36.2
* [BUGFIX] Fix serving of static assets like fonts and favicon.
- Upgrade to version 2.36.1
* [BUGFIX] promtool: Add --lint-fatal option.
- Upgrade to version 2.36.0
* [FEATURE] Add lowercase and uppercase relabel action.
* [FEATURE] SD: Add IONOS Cloud integration.
* [FEATURE] SD: Add Vultr integration.
* [FEATURE] SD: Add Linode SD failure count metric.
* [FEATURE] Add prometheus_ready metric.
* [ENHANCEMENT] Add stripDomain to template function.
* [ENHANCEMENT] UI: Enable active search through dropped targets.
* [ENHANCEMENT] promtool: support matchers when querying label
* [ENHANCEMENT] Add agent mode identifier.
* [BUGFIX] Changing TotalQueryableSamples from int to int64.
* [BUGFIX] tsdb/agent: Ignore duplicate exemplars.
* [BUGFIX] TSDB: Fix chunk overflow appending samples at a
variable rate.
* [BUGFIX] Stop rule manager before TSDB is stopped.
- Upgrade to version 2.35.0
* [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.
* [CHANGE] promtool: Add new flag --lint (enabled by default) for
the commands check rules and check config, resulting in a new
exit code (3) for linter errors.
* [FEATURE] Support for automatically setting the variable
GOMAXPROCS to the container CPU limit. Enable with the flag
--enable-feature=auto-gomaxprocs.
* [FEATURE] PromQL: Extend statistics with total and peak number
of samples in a query. Additionally, per-step statistics are
available with --enable-feature=promql-per-step-stats and using
stats=all in the query API. Enable with the flag
--enable-feature=per-step-stats.
* [ENHANCEMENT] TSDB: more efficient sorting of postings read from
WAL at startup.
* [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.
* [ENHANCEMENT] Azure SD: Add an optional resource_group
configuration.
* [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1
EndpointSlice (previously only discovery.k8s.io/v1beta1
EndpointSlice was supported).
* [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to
discovered pods.
* [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch
OAuth2 tokens.
* [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.
* [ENHANCEMENT] Config: Support overriding minimum TLS version.
* [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.
* [BUGFIX] Fix OpenMetrics parser to sort uppercase labels
correctly.
* [BUGFIX] UI: Fix scrape interval and duration tooltip not
showing on target page.
* [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is
false.
* [BUGFIX] Agent: Fix ID collision when loading a WAL with
multiple segments.
* [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing
the queue.
- Upgrade to version 2.34.0
* [CHANGE] UI: Classic UI removed.
* [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based
tracing.
* [ENHANCEMENT] TSDB: Disable the chunk write queue by default and
allow configuration with the experimental flag
--storage.tsdb.head-chunks-write-queue-size.
* [ENHANCEMENT] HTTP SD: Add a failure counter.
* [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.
* [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.
* [ENHANCEMENT] Scrape: Log when an invalid media type is
encountered during a scrape.
* [ENHANCEMENT] Scrape: Accept
application/openmetrics-text;version=1.0.0 in addition to
version=0.0.1.
* [ENHANCEMENT] Remote-read: Add an option to not use external
labels as selectors for remote read.
* [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.
* [ENHANCEMENT] UI: Improve graph colors that were hard to see.
* [ENHANCEMENT] Config: Allow escaping of $ with $$ when using
environment variables with external labels.
* [BUGFIX] PromQL: Properly return an error from
histogram_quantile when metrics have the same labelset.
* [BUGFIX] UI: Fix bug that sets the range input to the
resolution.
* [BUGFIX] TSDB: Fix a query panic when
memory-snapshot-on-shutdown is enabled.
* [BUGFIX] Parser: Specify type in metadata parser errors.
* [BUGFIX] Scrape: Fix label limit changes not applying.
- Upgrade to version 2.33.5
* [BUGFIX] Remote-write: Fix deadlock between adding to queue and
getting batch.
- Upgrade to version 2.33.4
* [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the
disk.
- Upgrade to version 2.33.3
* [BUGFIX] Azure SD: Fix a regression when public IP Address isn't
set.
- Upgrade to version 2.33.2
* [BUGFIX] Azure SD: Fix panic when public IP Address isn't set.
* [BUGFIX] Remote-write: Fix deadlock when stopping a shard.
- Upgrade to version 2.33.1
* [BUGFIX] SD: Fix no such file or directory in K8s SD when not
running inside K8s.
- Upgrade to version 2.33.0
* [CHANGE] PromQL: Promote negative offset and @ modifer to stable
features.
* [CHANGE] Web: Promote remote-write-receiver to stable.
* [FEATURE] Config: Add stripPort template function.
* [FEATURE] Promtool: Add cardinality analysis to check metrics,
enabled by flag --extended.
* [FEATURE] SD: Enable target discovery in own K8s namespace.
* [FEATURE] SD: Add provider ID label in K8s SD.
* [FEATURE] Web: Add limit field to the rules API.
* [ENHANCEMENT] Remote-write: Avoid allocations by buffering
concrete structs instead of interfaces.
* [ENHANCEMENT] Remote-write: Log time series details for
out-of-order samples in remote write receiver.
* [ENHANCEMENT] Remote-write: Shard up more when backlogged.
* [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar
ingest performance.
* [ENHANCEMENT] TSDB: Avoid allocations when popping from the
intersected postings heap.
* [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding
latency spikes in remote-write.
* [ENHANCEMENT] TSDB: Improve label matching performance.
* [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.
* [ENHANCEMENT] UI: Optimize the target page and add a search bar.
* [BUGFIX] Promtool: Make exit codes more consistent.
* [BUGFIX] Promtool: Fix flakiness of rule testing.
* [BUGFIX] Remote-write: Update
prometheus_remote_storage_queue_highest_sent_timestamp_seconds
metric when write irrecoverably fails.
* [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.
* [BUGFIX] TSDB: CompactBlockMetas should produce correct
mint/maxt for overlapping blocks.
* [BUGFIX] TSDB: Fix logging of exemplar storage size.
* [BUGFIX] UI: Fix overlapping click targets for the alert state
checkboxes.
* [BUGFIX] UI: Fix Unhealthy filter on target page to actually
display only Unhealthy targets.
* [BUGFIX] UI: Fix autocompletion when expression is empty.
* [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.
- CVE-2022-46146: Fix authentication bypass by updating Prometheus Exporter Toolkit
to version 0.7.3 (bsc#1208049)
- CVE-2022-41723: Fix uncontrolled resource consumption by updating Go to version
1.20.1 (bsc#1208298)
golang-github-prometheus-promu:
- Always set user and host build metadata to constant string to
achieve reproducible builds (compare reproducible-builds.org)
- Add 0001-do_not_discover_user_host_for_reproducible_builds.patch
- Require Go >= 1.19 for building
- Require Go >= 1.18 for building Red Hat packages
- Update to version 0.14.0 (jsc#PED-3576):
* Add the ability to override tags per GOOS
* Remove ioutil
* Update common Prometheus files (#232) (#224)
* Validate environment variable value
* Set build date from SOURCE_DATE_EPOCH
- Update to Go 1.18
- Exclude s390 architecture.
- Set build date from last changelog modification (bsc#1047218)
- Adapted for Enterprise Linux build.
- Build requires Go 1.15
* Make extldflags extensible by configuration. #125
* Avoid bind-mounting to allow building with a remote docker engine #95
- Update to 0.2.0
+ Features:
* Adding changes to support s390x
* Add option to disable static linking
* Add support for 32bit MIPS.
* Added check_licenses Command to Promu
+ Enhancements:
* Allow to customize nested options via env variables
* Bump Go version to 1.11
* Add warning if promu info is unable to determine repo info
+ Bug Fixes:
* Fix build on SmartOS by not setting gcc's -static flag
* Fix git repository url parsing
- Update to 0.1.0
- Initial version
grafana:
- Update to version 9.5.8:
* Please, check the release notes for further details.
* Security fixes provided in this and previous versions:
* CVE-2023-3128: Authentication bypass using Azure AD OAuth (bsc#1212641, jsc#PED-3694)
* CVE-2023-2801: Prevent crash while executing concurrent mixed queries (bsc#1212099)
* CVE-2023-2183: Require alert.notifications:write permissions to test receivers and templates (bsc#1212100)
* CVE-2023-1387: JWT URL-login flow leaks token to data sources through request parameter in proxy
requests (bsc#1210907, jsc#PED-3694)
* CVE-2023-1410: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)
* CVE-2020-7753: Regular Expression Denial of Service (ReDoS) in trim function (bsc#1218843)
* CVE-2021-3807: Regular expressionDdenial of Service (ReDoS) matching ANSI escape codes (bsc#1192154)
* CVE-2021-3918: Improperly Controlled Modification of Object Prototype Attributes (bsc#1192696)
* CVE-2021-43138: A malicious user can obtain privileges via the mapValues() method (bsc#1200480)
* CVE-2022-0155: Exposure of Private Personal Information to an Unauthorized Actor (bsc#1218844)
* CVE-2022-31107: OAuth account takeover (bsc#1201539)
* CVE-2022-31097: Stored XSS vulnerability (bsc#1201535)
* CVE-2023-1410: Fix XSS in Graphite functions tooltip (bsc#1209645)
* CVE-2023-0507: Apply attribute sanitation to GeomapPanel (bsc#1208821)
* CVE-2023-0594: Avoid storing XSS in TraceView panel (bsc#1208819)
* CVE-2022-46146: Fix basic authentication bypass by updating the exporter toolkit to
version 0.7.3 (bsc#1208065)
* CVE-2022-41723: Require Go 1.19 or newer (bsc#1208293)
* CVE-2022-23552: SVG: Add dompurify preprocessor step (bsc#1207749)
* CVE-2022-39324: Snapshots: Fix originalUrl spoof security issue (bsc#1207750)
* CVE-2022-39306: Fix for privilege escalation (bsc#1205225)
* CVE-2022-39307: Omit error from http response when user does not
exists (bsc#1205227)
* CVE-2022-39201: Fix do not forward login cookie in outgoing requests (bsc#1204303)
* CVE-2022-31130: Make proxy endpoints not leak sensitive HTTP headers (bsc#1204305)
* CVE-2022-31123: Fix plugin signature bypass (bsc#1204302)
* CVE-2022-39229: Fix blocknig other users from signing in (bsc#1204304)
* CVE-2022-36062: RBAC folders/dashboards privilege escalation (bsc#1203596, jsc#PED-2145)
* CVE-2022-35957: Escalation from admin to server admin when auth proxy is used (bsc#1203597, jsc#PED-2145)
* CVE-2022-31107: OAuth account takeover (bsc#1201539)
* CVE-2022-31097: Stored XSS vulnerability (bsc#1201535)
* CVE-2022-29170: Request security bypass via malicious redirect (bsc#1199810)
* CVE-2022-31097: XSS vulnerability in the Unified Alerting (bsc#1201535)
* CVE-2022-31107: OAuth account takeover vulnerability (bsc#1201539)
* CVE-2022-21702: XSS vulnerability in handling data sources (bsc#1195726, jsc#SLE-23439, jsc#SLE-23422, jsc#SLE-24565)
* CVE-2022-21703: Cross-origin request forgery vulnerability (bsc#1195727)
* CVE-2022-21713: Insecure Direct Object Reference vulnerability in Teams API (bsc#1195728)
* CVE-2022-21673: GetUserInfo: return an error if no user was found (bsc#1194873)
* CVE-2021-43813: Directory traversal vulnerability for .md files (bsc#1193688)
* CVE-2021-43815: Directory traversal for .csv files (bsc#1193686)
* CVE-2021-43798: arbitrary file read in the graph native plugin (bsc#1193492)
* CVE-2021-43798: Arbitrary file read in the graph native plugin (bsc#1193492)
* CVE-2021-41244: Grafana 8.2.4 released with security fixes (bsc#1192763)
* Security: Fixes CVE-2021-41174, bsc#1192383.
* Security: Update dependencies to fix CVE-2021-36222, bsc#1188571.
kiwi-desc-saltboot:
- Update to version 0.1.1687520761.cefb248
* Add osimage cert package to bootstrap for
SUSE Linux Enterprise 12 images (bsc#1204089)
- Update to version 0.1.1673279145.e7616bd
* Add failsafe stop file when salt-minion does not stop (bsc#1172110)
- Update to version 0.1.1661440542.6cbe0da
* Use standard susemanager.conf
* Use salt bundle
* Add support fo VirtIO disks
mgr-push:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.6-1
* Remove unused makefiles
- Version 4.4.5-1
* Use http to connect to localhost server
* Use bundle CA certificate in rhnpush
- Version 4.4.4-1
* remove pylint check at build time
- Version 4.4.3-1
* Ensure installation of make for building
- Version 4.4.2-1
* Update translation strings
- Version 4.4.1-1
* Bump version to 4.4.0
prometheus-blackbox_exporter:
- Use obscpio for go modules service
- Set version number
- Set build date from SOURCE_DATE_EPOCH
- Update to 0.24.0 (bsc#1212279, jsc#PED-4556)
* Requires go1.19
- Avoid empty validation script
- Add rc symlink for backwards compatibility
- Fix authentication bypass via cache poisoning
(CVE-2022-46146, bsc#1208062)
- Add `min_version` parameter of `tls_config` to allow enabling
TLS 1.0 and 1.1 (bsc#1209113)
- On SUSE Linux Enterprise build always with Go >= 1.19 (bsc#1203599)
- Build with go1.18 only for SLE-15-SP3 and
build with >= go1.19 on higher SP (bsc#1203599)
- Require go1.18 (bsc#1203599, GH#19127)
- Exclude s390 arch
- Fix %pre section to avoid empty content
- Updated to allow building on older rpmbuild.
- Enhanced to build on Enterprise Linux 8
prometheus-postgres_exporter:
- Remove duplicated call to systemd requirements
- Do not build debug if RHEL >= 8
- Do not strip if SUSE Linux Enterprise 15 SP3
- Build at least with with Go >= 1.18 on RHEL
- Build with Go >= 1.20 elsewhere
- Adapt the systemd service security configuration
to be able to start it on RHEL systems and clones
- Create the prometheus user for RHEL systems and clones
- Add 0001-Update-prometheus-exporter-toolkit-to-0.7.3.patch
* Fix authentication bypass via cache poisoning
(CVE-2022-46146, bsc#1208060)
- Fix _service to pull correct version
- Use go_modules source service
- Upgrade to version 0.10.1:
* Fix broken log-level for values other than debug (bsc#1208965)
- Version/release lines above first usage of those macros.
gh#uyuni-project/uyuni#5418
- Prevent empty %pre section
- Exclude s390 builds
- Updated for RHEL8.
python-hwdata:
- Declare the LICENSE file as license and not doc
rhnlib:
- Version 5.0.1-1
* Specify a packager for Debian like distros
- Version 4.4.6-1
* Remove unused makefiles
- Version 4.4.5-1
* Use bundle CA certificate in rhnpush
- Version 4.4.4-1
* Only use TLSv1+ for SSL connections
- Version 4.4.3-1
* Ensure installation of make for building
- Version 4.4.2-1
* Don't get stuck at the end of SSL transfers (bsc#1204032)
- Version 4.4.1-1
* Bump version to 4.4.0
spacecmd:
- Version 5.0.1-1
* Use localhost without ssl when running on the server
- Version 4.4.10-1
* Update translation strings
- Version 4.4.9-1
- Version 4.4.8-1
* Add spacecmd function: cryptokey_update
* Bypass traditional systems check on older SUMA instances (bsc#1208612)
* fix argument parsing of distribution_update (bsc#1210458)
- Version 4.4.7-1
* remove pylint check at build time
* Display activation key details after executing the corresponding command (bsc#1208719)
* Show targetted packages before actually removing them (bsc#1207830)
- Version 4.4.6-1
* Fix spacecmd not showing any output for softwarechannel_diff
and softwarechannel_errata_diff (bsc#1207352)
- Version 4.4.5-1
* Prevent string api parameters to be parsed as dates if not in
ISO-8601 format (bsc#1205759)
* Add python-dateutil dependency, required to process date values in
spacecmd api calls
* Remove python3-simplejson dependency
- Version 4.4.4-1
* Correctly understand 'ssm' keyword on scap scheduling
* Add vendor_advisory information to errata_details call (bsc#1205207)
* Change default port of 'Containerized Proxy configuration' 8022
- Version 4.4.3-1
* Added two missing options to schedule product migration: allow-vendor-change
and remove-products-without-successor (bsc#1204126)
* Changed schedule product migration to use the correct API method
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
* Added a warning message for traditional stack deprecation
* Remove 'Undefined return code' from debug messages (bsc#1203283)
- Version 4.4.2-1
* Stop always showing help for valid proxy_container_config calls
- Version 4.4.1-1
* Process date values in spacecmd api calls (bsc#1198903)
* Improve Proxy FQDN hint message
- Version 4.3.14-1
* Fix missing argument on system_listmigrationtargets (bsc#1201003)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
* Change proxy container config default filename to end with tar.gz
- Version 4.3.13-1
* Update translation strings
- Version 4.3.12-1
* Update translation strings
- Version 4.3.11-1
* on full system update call schedulePackageUpdate API (bsc#1197507)
spacewalk-client-tools:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.7-1
* Remove unused and deprecated/removed platform.dist import.
- Version 4.4.6-1
* Update translation strings
* Tito requires to list the package source as %{name}-%{version}.tar.gz
- Version 4.4.5-1
* remove mgr-virtualization usage
* remove dependency to suseRegisterInfo
- Version 4.4.4-1
* Update translation strings
- Version 4.4.3-1
* Update translation strings
- Version 4.4.2-1
* Update translation strings
- Version 4.4.1-1
* Update translation strings
- Version 4.3.11-1
* Update translation strings
- Version 4.3.10-1
supportutils-plugin-salt:
- Update to version 1.2.2
* Remove possible passwords from Salt configuration files (bsc#1201059)
- Update to version 1.2.1
* Remove ERROR messages on Salt client systems
- Declare the LICENSE file as license and not doc
- Update to version 1.2.0
* Add support for Salt Bundle
supportutils-plugin-susemanager-client:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.2-1
* write configured crypto-policy in supportconfig
* add cloud and payg checks
- Version 4.4.1-1
* Bump version to 4.4.0
- Version 4.3.2-1
* Add proxy containers config and logs
uyuni-common-libs:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.4-1
* Workaround for python3-debian bug about collecting control file (bsc#1211525, bsc#1208692)
* Accept missing rhn.conf file
* Use context manager for apache users in fileutils.py.
- Version 4.4.3-1
* Ensure installation of make for building.
* Use versioned Python during packaging.
- Version 4.4.2-1
* unify user notification code on java side
- Version 4.4.1-1
* Do not allow creating path if nonexistent user or group in fileutils.
- Version 4.3.5-1
* Fix reposync issue about 'rpm.hdr' object has no attribute 'get'
Patchnames
SUSE-2024-191,SUSE-SLE-Manager-Tools-12-BETA-2024-191
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security Beta update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Exclude s390 arch \n- Adapted to build on Enterprise Linux.\n- Fix build for RedHat 7\n- Require Go \u003e= 1.14 also for CentOS\n- Add support for CentOS\n- Replace %{?systemd_requires} with %{?systemd_ordering}\n\ngolang-github-boynux-squid_exporter:\n\n- Exclude s390 architecture (gh#SUSE/spacewalk#19050)\n- Enhanced to build on Enterprise Linux 8.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Exclude debug for RHEL \u003e= 8\n- Build with Go \u003e= 1.20 when the OS is not RHEL\n- Fix apparmor profile for SLE 12\n- Upgrade to version 1.0.0 (jsc#PED-5405)\n * Improved flag parsing\n * Added support for custom headers\n- Build using promu\n- Fix sandboxing options\n- Upgrade to version 0.13.4\n * CVE-2022-32149: Fix denial of service vulnerability (bsc#1204501)\n- Upgrade to version 0.13.3\n * CVE-2022-41723: Fix uncontrolled resource consumption (bsc#1208270)\n- Upgrade to version 0.13.1\n * Fix panic caused by missing flagConfig options\n- Upgrade to version 0.13.0\n * CVE-2022-46146: Fix authentication bypass vulnarability (bsc#1208046)\n- Corrected comment in AppArmor profile\n- Added AppArmor profile\n- Added sandboxing options to systemd service unit\n- Exclude s390 architecture (gh#SUSE/spacewalk#19050)\n- Update to upstream release 0.11.0 (jsc#SLE-24791)\n * Add TLS support\n * Switch to logger, please check --log.level and --log.format flags\n- Update to version 0.10.1\n * Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale data\n- Update to version 0.10.0\n * Add Apache Proxy and other metrics\n- Update to version 0.8.0\n * Change commandline flags\n * Add metrics: Apache version, request duration total\n- Adapted to build on Enterprise Linux 8\n- Require building with Go 1.15\n- Add support for RedHat 8\n - Adjust dependencies on spec file \n - Disable dwarf compression in go build\n- Add support for Red Hat\n- Add %license macro for LICENSE file \n\ngolang-github-prometheus-alertmanager:\n\n- Do not create PIE for s390x architecture\n- Require Go 1.20 or newer for building\n- Remove not used build flags\n- Create position independent executables (PIE)\n- Disable striping the binaries only for SLE 15 SP3\n- Add System/Monitoring group tag\n- Rework service file to use obscpio\n * Run tar and recompress services at buildtime\n * Do not generate automatically changelog entries\n- Update to version 0.26.0 (jsc#PED-7353):\n https://github.com/prometheus/alertmanager/releases/tag/v0.26.0\n * CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint in the Alertmanager UI (bsc#1218838)\n * Configuration: Fix empty list of receivers and inhibit_rules would cause the alertmanager to crash\n * Templating: Fixed a race condition when using the title\n function. It is now race-safe\n * API: Fixed duplicate receiver names in the api/v2/receivers API\n endpoint\n * API: Attempting to delete a silence now returns the correct\n status code, 404 instead of 500\n * Clustering: Fixes a panic when tls_client_config is empty\n * Webhook: url is now marked as a secret. It will no longer show\n up in the logs as clear-text\n * Metrics: New label reason for\n alertmanager_notifications_failed_total metric to indicate the\n type of error of the alert delivery\n * Clustering: New flag --cluster.label, to help to block any\n traffic that is not meant for the cluster\n * Integrations: Add Microsoft Teams as a supported integration\n- Update to version 0.25.0:\n https://github.com/prometheus/alertmanager/releases/tag/v0.25.0\n * Fail configuration loading if api_key and api_key_file are\n defined at the same time\n * Fix the alertmanager_alerts metric to avoid counting resolved\n alerts as active. Also added a new alertmanager_marked_alerts\n metric that retain the old behavior\n * Trim contents of Slack API URLs when reading from files\n * amtool: Avoid panic when the label value matcher is empty\n * Fail configuration loading if api_url is empty for OpsGenie\n * Fix email template for resolved notifications\n * Add proxy_url support for OAuth2 in HTTP client configuration\n * Reload TLS certificate and key from disk when updated\n * Add Discord integration\n * Add Webex integration\n * Add min_version support to select the minimum TLS version in\n HTTP client configuration\n * Add max_version support to select the maximum TLS version in\n * Emit warning logs when truncating messages in notifications\n * Support HEAD method for the /-/healty and /-/ready endpoints\n * Add support for reading global and local SMTP passwords from\n files\n * UI: Add \u0027Link\u0027 button to alerts in list\n * UI: Allow to choose the first day of the week as Sunday or\n Monday\n- Update to version 0.24.0:\n https://github.com/prometheus/alertmanager/releases/tag/v0.24.0\n * Fix HTTP client configuration for the SNS receiver\n * Fix unclosed file descriptor after reading the silences\n snapshot file\n * Fix field names for mute_time_intervals in JSON marshaling\n * Ensure that the root route doesn\u0027t have any matchers\n * Truncate the message\u0027s title to 1024 chars to avoid hitting\n Slack limits\n * Fix the default HTML email template (email.default.html) to\n match with the canonical source\n * Detect SNS FIFO topic based on the rendered value\n * Avoid deleting and recreating a silence when an update is\n possible\n * api/v2: Return 200 OK when deleting an expired silence\n * amtool: Fix the silence\u0027s end date when adding a silence. The\n end date is (start date + duration) while it used to be\n (current time + duration). The new behavior is consistent with\n the update operation\n * Add the /api/v2 prefix to all endpoints in the OpenAPI\n specification and generated client code\n * Add --cluster.tls-config experimental flag to secure cluster\n traffic via mutual TLS\n * Add Telegram integration\n- CVE-2022-46146: Prevent authentication bypass via cache poisoning (bsc#1208051)\n- Do not include sources (bsc#1200725)\n\ngolang-github-prometheus-node_exporter:\n\n- Remove node_exporter-1.5.0.tar.gz\n- Execute tar and recompress service modules at buildtime\n- Update to 1.5.0 (jsc#PED-3578):\n * NOTE: This changes the Go runtime \u0027GOMAXPROCS\u0027 to 1. This is done to limit the\n concurrency of the exporter to 1 CPU thread at a time in order to avoid a\n race condition problem in the Linux kernel (#2500) and parallel IO issues\n on nodes with high numbers of CPUs/CPU threads (#1880).\n * [CHANGE] Default GOMAXPROCS to 1 #2530\n * [FEATURE] Add multiple listeners and systemd socket listener activation #2393\n * [ENHANCEMENT] Add RTNL version of netclass collector #2492, #2528\n * [BUGFIX] Fix hwmon label sanitizer #2504\n * [BUGFIX] Use native endianness when encoding InetDiagMsg #2508\n * [BUGFIX] Fix btrfs device stats always being zero #2516\n- Update to 1.4.1:\n * [BUGFIX] Fix diskstats exclude flags #2487\n * [SECURITY] CVE-2022-27191, CVE-2022-27664: Update go/x/crypto and go/x/net (bsc#1197284, bsc#1203185)\n * [SECURITY] CVE-2022-46146: Update exporter-toolkit (bsc#1208064)\n- Update to 1.4.0:\n * [CHANGE] Merge metrics descriptions in textfile collector #2475\n * [FEATURE] [node-mixin] Add darwin dashboard to mixin #2351\n * [FEATURE] Add \u0027isolated\u0027 metric on cpu collector on linux #2251\n * [FEATURE] Add cgroup summary collector #2408\n * [FEATURE] Add selinux collector #2205\n * [FEATURE] Add slab info collector #2376\n * [FEATURE] Add sysctl collector #2425\n * [FEATURE] Also track the CPU Spin time for OpenBSD systems #1971\n * [FEATURE] Add support for MacOS version #2471\n * [ENHANCEMENT] [node-mixin] Add missing selectors #2426\n * [ENHANCEMENT] [node-mixin] Change current datasource to grafana\u0027s default #2281\n * [ENHANCEMENT] [node-mixin] Change disk graph to disk table #2364\n * [ENHANCEMENT] [node-mixin] Change io time units to %util #2375\n * [ENHANCEMENT] Ad user_wired_bytes and laundry_bytes on *bsd #2266\n * [ENHANCEMENT] Add additional vm_stat memory metrics for darwin #2240\n * [ENHANCEMENT] Add device filter flags to arp collector #2254\n * [ENHANCEMENT] Add diskstats include and exclude device flags #2417\n * [ENHANCEMENT] Add node_softirqs_total metric #2221\n * [ENHANCEMENT] Add rapl zone name label option #2401\n * [ENHANCEMENT] Add slabinfo collector #1799\n * [ENHANCEMENT] Allow user to select port on NTP server to query #2270\n * [ENHANCEMENT] collector/diskstats: Add labels and metrics from udev #2404\n * [ENHANCEMENT] Enable builds against older macOS SDK #2327\n * [ENHANCEMENT] qdisk-linux: Add exclude and include flags for interface name #2432\n * [ENHANCEMENT] systemd: Expose systemd minor version #2282\n * [ENHANCEMENT] Use netlink for tcpstat collector #2322\n * [ENHANCEMENT] Use netlink to get netdev stats #2074\n * [ENHANCEMENT] Add additional perf counters for stalled frontend/backend cycles #2191\n * [ENHANCEMENT] Add btrfs device error stats #2193\n * [BUGFIX] [node-mixin] Fix fsSpaceAvailableCriticalThreshold and fsSpaceAvailableWarning #2352\n * [BUGFIX] Fix concurrency issue in ethtool collector #2289\n * [BUGFIX] Fix concurrency issue in netdev collector #2267\n * [BUGFIX] Fix diskstat reads and write metrics for disks with different sector sizes #2311\n * [BUGFIX] Fix iostat on macos broken by deprecation warning #2292\n * [BUGFIX] Fix NodeFileDescriptorLimit alerts #2340\n * [BUGFIX] Sanitize rapl zone names #2299\n * [BUGFIX] Add file descriptor close safely in test #2447\n * [BUGFIX] Fix race condition in os_release.go #2454\n * [BUGFIX] Skip ZFS IO metrics if their paths are missing #2451\n- BuildRequire go1.18 OR HIGHER (previously this was fixed to 1.14)\n- Update to 1.3.1\n * [BUGFIX] Handle nil CPU thermal power status on M1 #2218\n * [BUGFIX] bsd: Ignore filesystems flagged as MNT_IGNORE. #2227\n * [BUGFIX] Sanitize UTF-8 in dmi collector #2229\n- Exclude s390 arch.\n- Update spec file in order to make --version work (bsc#1196652)\n\ngolang-github-prometheus-prometheus:\n\n- Update to 2.45.0 (jsc#PED-5406):\n * [FEATURE] API: New limit parameter to limit the number of items\n returned by `/api/v1/status/tsdb` endpoint. \n * [FEATURE] Config: Add limits to global config. \n * [FEATURE] Consul SD: Added support for `path_prefix`. \n * [FEATURE] Native histograms: Add option to scrape both classic\n and native histograms. \n * [FEATURE] Native histograms: Added support for two more\n arithmetic operators `avg_over_time` and `sum_over_time`.\n * [FEATURE] Promtool: When providing the block id, only one block\n will be loaded and analyzed. \n * [FEATURE] Remote-write: New Azure ad configuration to support\n remote writing directly to Azure Monitor workspace. \n * [FEATURE] TSDB: Samples per chunk are now configurable with\n flag `storage.tsdb.samples-per-chunk`. By default set to its\n former value 120. \n * [ENHANCEMENT] Native histograms: bucket size can now be limited\n to avoid scrape fails. \n * [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL\n sooner. \n * [BUGFIX] Native histograms: ChunkSeries iterator now checks if\n a new sample can be appended to the open chunk. \n * [BUGFIX] Native histograms: Fix Histogram Appender\n `Appendable()` segfault. \n * [BUGFIX] Native histograms: Fix setting reset header to gauge\n histograms in seriesToChunkEncoder. \n * [BUGFIX] TSDB: Tombstone intervals are not modified after Get()\n call. \n * [BUGFIX] TSDB: Use path/filepath to set the WAL directory.\n- Update to 2.44.0:\n * [FEATURE] Remote-read: Handle native histograms. \n * [FEATURE] Promtool: Health and readiness check of prometheus\n server in CLI. \n * [FEATURE] PromQL: Add `query_samples_total` metric, the total\n number of samples loaded by all queries.\n * [ENHANCEMENT] Storage: Optimise buffer used to iterate through\n samples.\n * [ENHANCEMENT] Scrape: Reduce memory allocations on target\n labels.\n * [ENHANCEMENT] PromQL: Use faster heap method for `topk()` /\n `bottomk()`.\n * [ENHANCEMENT] Rules API: Allow filtering by rule name.\n * [ENHANCEMENT] Native Histograms: Various fixes and\n improvements.\n * [ENHANCEMENT] UI: Search of scraping pools is now\n case-insensitive.\n * [ENHANCEMENT] TSDB: Add an affirmative log message for\n successful WAL repair.\n * [BUGFIX] TSDB: Block compaction failed when shutting down.\n * [BUGFIX] TSDB: Out-of-order chunks could be ignored if the\n write-behind log was deleted.\n- Update to 2.43.1\n * [BUGFIX] Labels: Set() after Del() would be ignored, which\n broke some relabeling rules.\n- Update to 2.43.0:\n * [FEATURE] Promtool: Add HTTP client configuration to query\n commands.\n * [FEATURE] Scrape: Add `include_scrape_configs` to include\n scrape configs from different files.\n * [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from\n proxied requests.\n * [FEATURE] HTTP client: Add `proxy_from_enviroment` to read\n proxies from env variables.\n * [ENHANCEMENT] API: Add support for setting lookback delta per\n query via the API.\n * [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499\n if a request is canceled.\n * [ENHANCEMENT] Scrape: Allow exemplars for all metric types.\n * [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders\n size.\n * [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot\n with index that is ahead of WAL.\n * [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to\n be more comprehensible.\n * [ENHANCEMENT] UI: Scope `group by` labels to metric in\n autocompletion.\n * [BUGFIX] Scrape: Fix\n `prometheus_target_scrape_pool_target_limit` metric not set\n before reloading.\n * [BUGFIX] TSDB: Correctly update\n `prometheus_tsdb_head_chunks_removed_total` and\n `prometheus_tsdb_head_chunks` metrics when reading WAL.\n * [BUGFIX] TSDB: Use the correct unit (seconds) when recording\n out-of-order append deltas in the\n `prometheus_tsdb_sample_ooo_delta` metric.\n- Update to 2.42.0:\n This release comes with a bunch of feature coverage for native\n histograms and breaking changes.\n If you are trying native histograms already, we recommend you\n remove the `wal` directory when upgrading.\n Because the old WAL record for native histograms is not\n backward compatible in v2.42.0, this will lead to some data\n loss for the latest data.\n Additionally, if you scrape \u0027float histograms\u0027 or use recording\n rules on native histograms in v2.42.0 (which writes float\n histograms), it is a one-way street since older versions do not\n support float histograms.\n * [CHANGE] **breaking** TSDB: Changed WAL record format for the\n experimental native histograms.\n * [FEATURE] Add \u0027keep_firing_for\u0027 field to alerting rules.\n * [FEATURE] Promtool: Add support of selecting timeseries for\n TSDB dump.\n * [ENHANCEMENT] Agent: Native histogram support.\n * [ENHANCEMENT] Rules: Support native histograms in recording\n rules.\n * [ENHANCEMENT] SD: Add container ID as a meta label for pod\n targets for Kubernetes.\n * [ENHANCEMENT] SD: Add VM size label to azure service\n discovery.\n * [ENHANCEMENT] Support native histograms in federation.\n * [ENHANCEMENT] TSDB: Add gauge histogram support.\n * [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that\n represents buckets as float64 values.\n * [ENHANCEMENT] UI: Show individual scrape pools on /targets\n page.\n- Update to 2.41.0:\n * [FEATURE] Relabeling: Add keepequal and dropequal relabel\n actions.\n * [FEATURE] Add support for HTTP proxy headers. \n * [ENHANCEMENT] Reload private certificates when changed on disk.\n * [ENHANCEMENT] Add max_version to specify maximum TLS version in\n tls_config.\n * [ENHANCEMENT] Add goos and goarch labels to\n prometheus_build_info.\n * [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.\n * [ENHANCEMENT] SD: Add new metric\n prometheus_sd_file_watcher_errors_total.\n * [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.\n * [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in\n iterators.\n * [ENHANCEMENT] TSDB: Optimize postings offset table reading.\n * [BUGFIX] Scrape: Validate the metric name, label names, and\n label values after relabeling.\n * [BUGFIX] Remote Write receiver and rule manager: Fix error\n handling.\n- Update to 2.40.7:\n * [BUGFIX] TSDB: Fix queries involving negative buckets of native\n histograms.\n- Update to 2.40.5:\n * [BUGFIX] TSDB: Fix queries involving native histograms due to\n improper reset of iterators.\n- Update to 2.40.3:\n * [BUGFIX] TSDB: Fix compaction after a deletion is called.\n- Update to 2.40.2:\n * [BUGFIX] UI: Fix black-on-black metric name color in dark mode.\n- Update to 2.40.1:\n * [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit\n architecture.\n * [BUGFIX] Scrape: Fix accept headers.\n- Update to 2.40.0:\n * [FEATURE] Add experimental support for native histograms.\n Enable with the flag --enable-feature=native-histograms.\n * [FEATURE] SD: Add service discovery for OVHcloud.\n * [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.\n * [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved\n sorting speed.\n * [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds\n __meta_consul_partition label. Adds partition config in\n consul_sd_config.\n * [BUGFIX] API: Fix API error codes for /api/v1/labels and\n /api/v1/series.\n- Update to 2.39.1:\n * [BUGFIX] Rules: Fix notifier relabel changing the labels on\n active alerts.\n- Update to 2.39.0:\n * [FEATURE] experimental TSDB: Add support for ingesting\n out-of-order samples. This is configured via\n out_of_order_time_window field in the config file; check config\n file docs for more info.\n * [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also\n respond to a HEAD request on top of existing GET support.\n * [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.\n * [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.\n * [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region\n label.\n * [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.\n * [ENHANCEMENT] TSDB: Improve WAL replay timings.\n * [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary\n data in the memory.\n * [ENHANCEMENT] TSDB: Allow overlapping blocks by default.\n --storage.tsdb.allow-overlapping-blocks now has no effect.\n * [ENHANCEMENT] UI: Click to copy label-value pair from query\n result to clipboard.\n * [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a\n memory leak.\n * [BUGFIX] TSDB: Fix \u0027invalid magic number 0\u0027 error on Prometheus\n startup.\n * [BUGFIX] PromQL: Properly close file descriptor when logging\n unfinished queries.\n * [BUGFIX] Agent: Fix validation of flag options and prevent WAL\n from growing more than desired.\n- Update to 2.38.0:\n * [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint\n that allows pretty-formatting PromQL expressions.\n * [FEATURE]: UI: Add support for formatting PromQL expressions in\n the UI.\n * [FEATURE]: DNS SD: Support MX records for discovering targets.\n * [FEATURE]: Templates: Add toTime() template function that\n allows converting sample timestamps to Go time.Time values.\n * [ENHANCEMENT]: Kubernetes SD: Add\n __meta_kubernetes_service_port_number meta label indicating the\n service port number.\n __meta_kubernetes_pod_container_image meta label indicating the\n container image.\n * [ENHANCEMENT]: PromQL: When a query panics, also log the query\n itself alongside the panic message.\n * [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve\n the contrast ratio.\n * [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding\n locks and using atomic types instead.\n * [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature\n flag, which omits or removes any default HTTP (:80) or HTTPS\n (:443) ports in the target\u0027s scrape address.\n * [BUGFIX]: TSDB: In the WAL watcher metrics, expose the\n type=\u0027exemplar\u0027 label instead of type=\u0027unknown\u0027 for exemplar\n records.\n * [BUGFIX]: TSDB: Fix race condition around allocating series IDs\n during chunk snapshot loading.\n- Remove npm_licenses.tar.bz2 during \u0027make clean\u0027\n- Remove web-ui archives during \u0027make clean\u0027.\n- Require promu \u003e= 0.14.0 for building\n- Upgrade to version 2.37.6\n * Require Go 1.19\n- Upgrade to version 2.37.5\n * [SECURITY] Security upgrade from go and upstream dependencies\n that include security fixes to the net/http and os packages.\n- Upgrade to version 2.37.4\n * [SECURITY] CVE-2022-46146: Fix basic authentication bypass vulnerability (bsc#1208049, jsc#PED-3576)\n- Upgrade to version 2.37.3\n * [BUGFIX] CVE-2022-41715: Update our regexp library to fix upstream vulnerability (bnc#1204023)\n * [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a\n memory leak.\n- Upgrade to version 2.37.2\n * [BUGFIX] TSDB: Fix \u0027invalid magic number 0\u0027 error on Prometheus\n startup.\n * [BUGFIX] Agent: Fix validation of flag options and prevent WAL\n from growing more than desired.\n- Upgrade to version 2.37.1\n * [BUGFIX] Properly close file descriptor when logging unfinished\n queries.\n * [BUGFIX] TSDB: In the WAL watcher metrics, expose the\n- Upgrade to version 2.37.0\n * [FEATURE] Nomad SD: New service discovery for Nomad built-in\n service discovery.\n * [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for\n endpoint role.\n * [ENHANCEMENT] PromQL: Optimise creation of signature\n with/without labels.\n * [ENHANCEMENT] TSDB: Memory optimizations.\n * [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.\n * [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent\n header.\n * [BUGFIX] Alerting: Fix Alertmanager targets not being updated\n when alerts were queued.\n * [BUGFIX] Hetzner SD: Make authentication files relative to\n Prometheus config file.\n * [BUGFIX] Promtool: Fix promtool check config not erroring\n properly on failures.\n * [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on\n reloads.\n * [BUGFIX] TSDB: Don\u0027t increment\n prometheus_tsdb_compactions_failed_total when context is\n canceled.\n * [BUGFIX] TSDB: Fix panic if series is not found when deleting\n series.\n * [BUGFIX] TSDB: Increase\n prometheus_tsdb_mmap_chunk_corruptions_total on out of sequence\n errors.\n * [BUGFIX] Uyuni SD: Make authentication files relative to\n Prometheus configuration file and fix default configuration\n values.\n- Upgrade to version 2.36.2\n * [BUGFIX] Fix serving of static assets like fonts and favicon.\n- Upgrade to version 2.36.1\n * [BUGFIX] promtool: Add --lint-fatal option.\n- Upgrade to version 2.36.0\n * [FEATURE] Add lowercase and uppercase relabel action.\n * [FEATURE] SD: Add IONOS Cloud integration.\n * [FEATURE] SD: Add Vultr integration.\n * [FEATURE] SD: Add Linode SD failure count metric.\n * [FEATURE] Add prometheus_ready metric.\n * [ENHANCEMENT] Add stripDomain to template function.\n * [ENHANCEMENT] UI: Enable active search through dropped targets.\n * [ENHANCEMENT] promtool: support matchers when querying label\n * [ENHANCEMENT] Add agent mode identifier.\n * [BUGFIX] Changing TotalQueryableSamples from int to int64.\n * [BUGFIX] tsdb/agent: Ignore duplicate exemplars.\n * [BUGFIX] TSDB: Fix chunk overflow appending samples at a\n variable rate.\n * [BUGFIX] Stop rule manager before TSDB is stopped.\n- Upgrade to version 2.35.0\n * [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.\n * [CHANGE] promtool: Add new flag --lint (enabled by default) for\n the commands check rules and check config, resulting in a new\n exit code (3) for linter errors.\n * [FEATURE] Support for automatically setting the variable\n GOMAXPROCS to the container CPU limit. Enable with the flag\n --enable-feature=auto-gomaxprocs.\n * [FEATURE] PromQL: Extend statistics with total and peak number\n of samples in a query. Additionally, per-step statistics are\n available with --enable-feature=promql-per-step-stats and using\n stats=all in the query API. Enable with the flag\n --enable-feature=per-step-stats.\n * [ENHANCEMENT] TSDB: more efficient sorting of postings read from\n WAL at startup.\n * [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.\n * [ENHANCEMENT] Azure SD: Add an optional resource_group\n configuration.\n * [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1\n EndpointSlice (previously only discovery.k8s.io/v1beta1\n EndpointSlice was supported).\n * [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to\n discovered pods.\n * [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch\n OAuth2 tokens.\n * [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.\n * [ENHANCEMENT] Config: Support overriding minimum TLS version.\n * [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.\n * [BUGFIX] Fix OpenMetrics parser to sort uppercase labels\n correctly.\n * [BUGFIX] UI: Fix scrape interval and duration tooltip not\n showing on target page.\n * [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is\n false.\n * [BUGFIX] Agent: Fix ID collision when loading a WAL with\n multiple segments.\n * [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing\n the queue.\n- Upgrade to version 2.34.0\n * [CHANGE] UI: Classic UI removed.\n * [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based\n tracing.\n * [ENHANCEMENT] TSDB: Disable the chunk write queue by default and\n allow configuration with the experimental flag\n --storage.tsdb.head-chunks-write-queue-size.\n * [ENHANCEMENT] HTTP SD: Add a failure counter.\n * [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.\n * [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.\n * [ENHANCEMENT] Scrape: Log when an invalid media type is\n encountered during a scrape.\n * [ENHANCEMENT] Scrape: Accept\n application/openmetrics-text;version=1.0.0 in addition to\n version=0.0.1.\n * [ENHANCEMENT] Remote-read: Add an option to not use external\n labels as selectors for remote read.\n * [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.\n * [ENHANCEMENT] UI: Improve graph colors that were hard to see.\n * [ENHANCEMENT] Config: Allow escaping of $ with $$ when using\n environment variables with external labels.\n * [BUGFIX] PromQL: Properly return an error from\n histogram_quantile when metrics have the same labelset.\n * [BUGFIX] UI: Fix bug that sets the range input to the\n resolution.\n * [BUGFIX] TSDB: Fix a query panic when\n memory-snapshot-on-shutdown is enabled.\n * [BUGFIX] Parser: Specify type in metadata parser errors.\n * [BUGFIX] Scrape: Fix label limit changes not applying.\n- Upgrade to version 2.33.5\n * [BUGFIX] Remote-write: Fix deadlock between adding to queue and\n getting batch.\n- Upgrade to version 2.33.4\n * [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the\n disk.\n- Upgrade to version 2.33.3\n * [BUGFIX] Azure SD: Fix a regression when public IP Address isn\u0027t\n set.\n- Upgrade to version 2.33.2\n * [BUGFIX] Azure SD: Fix panic when public IP Address isn\u0027t set.\n * [BUGFIX] Remote-write: Fix deadlock when stopping a shard.\n- Upgrade to version 2.33.1\n * [BUGFIX] SD: Fix no such file or directory in K8s SD when not\n running inside K8s.\n- Upgrade to version 2.33.0\n * [CHANGE] PromQL: Promote negative offset and @ modifer to stable\n features.\n * [CHANGE] Web: Promote remote-write-receiver to stable.\n * [FEATURE] Config: Add stripPort template function.\n * [FEATURE] Promtool: Add cardinality analysis to check metrics,\n enabled by flag --extended.\n * [FEATURE] SD: Enable target discovery in own K8s namespace.\n * [FEATURE] SD: Add provider ID label in K8s SD.\n * [FEATURE] Web: Add limit field to the rules API.\n * [ENHANCEMENT] Remote-write: Avoid allocations by buffering\n concrete structs instead of interfaces.\n * [ENHANCEMENT] Remote-write: Log time series details for\n out-of-order samples in remote write receiver.\n * [ENHANCEMENT] Remote-write: Shard up more when backlogged.\n * [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar\n ingest performance.\n * [ENHANCEMENT] TSDB: Avoid allocations when popping from the\n intersected postings heap.\n * [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding\n latency spikes in remote-write.\n * [ENHANCEMENT] TSDB: Improve label matching performance.\n * [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.\n * [ENHANCEMENT] UI: Optimize the target page and add a search bar.\n * [BUGFIX] Promtool: Make exit codes more consistent.\n * [BUGFIX] Promtool: Fix flakiness of rule testing.\n * [BUGFIX] Remote-write: Update\n prometheus_remote_storage_queue_highest_sent_timestamp_seconds\n metric when write irrecoverably fails.\n * [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.\n * [BUGFIX] TSDB: CompactBlockMetas should produce correct\n mint/maxt for overlapping blocks.\n * [BUGFIX] TSDB: Fix logging of exemplar storage size.\n * [BUGFIX] UI: Fix overlapping click targets for the alert state\n checkboxes.\n * [BUGFIX] UI: Fix Unhealthy filter on target page to actually\n display only Unhealthy targets.\n * [BUGFIX] UI: Fix autocompletion when expression is empty.\n * [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.\n- CVE-2022-46146: Fix authentication bypass by updating Prometheus Exporter Toolkit\n to version 0.7.3 (bsc#1208049)\n- CVE-2022-41723: Fix uncontrolled resource consumption by updating Go to version\n 1.20.1 (bsc#1208298)\n\ngolang-github-prometheus-promu:\n\n- Always set user and host build metadata to constant string to\n achieve reproducible builds (compare reproducible-builds.org)\n- Add 0001-do_not_discover_user_host_for_reproducible_builds.patch\n- Require Go \u003e= 1.19 for building\n- Require Go \u003e= 1.18 for building Red Hat packages\n- Update to version 0.14.0 (jsc#PED-3576):\n * Add the ability to override tags per GOOS\n * Remove ioutil\n * Update common Prometheus files (#232) (#224)\n * Validate environment variable value\n * Set build date from SOURCE_DATE_EPOCH\n- Update to Go 1.18\n- Exclude s390 architecture.\n- Set build date from last changelog modification (bsc#1047218)\n- Adapted for Enterprise Linux build.\n- Build requires Go 1.15\n * Make extldflags extensible by configuration. #125\n * Avoid bind-mounting to allow building with a remote docker engine #95\n- Update to 0.2.0\n + Features:\n * Adding changes to support s390x\n * Add option to disable static linking\n * Add support for 32bit MIPS.\n * Added check_licenses Command to Promu\n + Enhancements:\n * Allow to customize nested options via env variables\n * Bump Go version to 1.11\n * Add warning if promu info is unable to determine repo info\n + Bug Fixes:\n * Fix build on SmartOS by not setting gcc\u0027s -static flag\n * Fix git repository url parsing\n- Update to 0.1.0\n- Initial version\n\ngrafana:\n\n- Update to version 9.5.8:\n * Please, check the release notes for further details.\n * Security fixes provided in this and previous versions:\n * CVE-2023-3128: Authentication bypass using Azure AD OAuth (bsc#1212641, jsc#PED-3694)\n * CVE-2023-2801: Prevent crash while executing concurrent mixed queries (bsc#1212099)\n * CVE-2023-2183: Require alert.notifications:write permissions to test receivers and templates (bsc#1212100)\n * CVE-2023-1387: JWT URL-login flow leaks token to data sources through request parameter in proxy \n requests (bsc#1210907, jsc#PED-3694)\n * CVE-2023-1410: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)\n * CVE-2020-7753: Regular Expression Denial of Service (ReDoS) in trim function (bsc#1218843)\n * CVE-2021-3807: Regular expressionDdenial of Service (ReDoS) matching ANSI escape codes (bsc#1192154)\n * CVE-2021-3918: Improperly Controlled Modification of Object Prototype Attributes (bsc#1192696)\n * CVE-2021-43138: A malicious user can obtain privileges via the mapValues() method (bsc#1200480)\n * CVE-2022-0155: Exposure of Private Personal Information to an Unauthorized Actor (bsc#1218844)\n * CVE-2022-31107: OAuth account takeover (bsc#1201539)\n * CVE-2022-31097: Stored XSS vulnerability (bsc#1201535)\n * CVE-2023-1410: Fix XSS in Graphite functions tooltip (bsc#1209645)\n * CVE-2023-0507: Apply attribute sanitation to GeomapPanel (bsc#1208821)\n * CVE-2023-0594: Avoid storing XSS in TraceView panel (bsc#1208819)\n * CVE-2022-46146: Fix basic authentication bypass by updating the exporter toolkit to \n version 0.7.3 (bsc#1208065)\n * CVE-2022-41723: Require Go 1.19 or newer (bsc#1208293)\n * CVE-2022-23552: SVG: Add dompurify preprocessor step (bsc#1207749)\n * CVE-2022-39324: Snapshots: Fix originalUrl spoof security issue (bsc#1207750)\n * CVE-2022-39306: Fix for privilege escalation (bsc#1205225)\n * CVE-2022-39307: Omit error from http response when user does not\n exists (bsc#1205227)\n * CVE-2022-39201: Fix do not forward login cookie in outgoing requests (bsc#1204303)\n * CVE-2022-31130: Make proxy endpoints not leak sensitive HTTP headers (bsc#1204305)\n * CVE-2022-31123: Fix plugin signature bypass (bsc#1204302)\n * CVE-2022-39229: Fix blocknig other users from signing in (bsc#1204304)\n * CVE-2022-36062: RBAC folders/dashboards privilege escalation (bsc#1203596, jsc#PED-2145)\n * CVE-2022-35957: Escalation from admin to server admin when auth proxy is used (bsc#1203597, jsc#PED-2145)\n * CVE-2022-31107: OAuth account takeover (bsc#1201539)\n * CVE-2022-31097: Stored XSS vulnerability (bsc#1201535)\n * CVE-2022-29170: Request security bypass via malicious redirect (bsc#1199810)\n * CVE-2022-31097: XSS vulnerability in the Unified Alerting (bsc#1201535)\n * CVE-2022-31107: OAuth account takeover vulnerability (bsc#1201539)\n * CVE-2022-21702: XSS vulnerability in handling data sources (bsc#1195726, jsc#SLE-23439, jsc#SLE-23422, jsc#SLE-24565)\n * CVE-2022-21703: Cross-origin request forgery vulnerability (bsc#1195727)\n * CVE-2022-21713: Insecure Direct Object Reference vulnerability in Teams API (bsc#1195728)\n * CVE-2022-21673: GetUserInfo: return an error if no user was found (bsc#1194873)\n * CVE-2021-43813: Directory traversal vulnerability for .md files (bsc#1193688)\n * CVE-2021-43815: Directory traversal for .csv files (bsc#1193686)\n * CVE-2021-43798: arbitrary file read in the graph native plugin (bsc#1193492)\n * CVE-2021-43798: Arbitrary file read in the graph native plugin (bsc#1193492)\n * CVE-2021-41244: Grafana 8.2.4 released with security fixes (bsc#1192763)\n * Security: Fixes CVE-2021-41174, bsc#1192383.\n * Security: Update dependencies to fix CVE-2021-36222, bsc#1188571.\n\nkiwi-desc-saltboot:\n\n- Update to version 0.1.1687520761.cefb248\n * Add osimage cert package to bootstrap for\n SUSE Linux Enterprise 12 images (bsc#1204089)\n- Update to version 0.1.1673279145.e7616bd\n * Add failsafe stop file when salt-minion does not stop (bsc#1172110)\n- Update to version 0.1.1661440542.6cbe0da\n * Use standard susemanager.conf\n * Use salt bundle\n * Add support fo VirtIO disks\n\nmgr-push:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.6-1\n * Remove unused makefiles\n- Version 4.4.5-1\n * Use http to connect to localhost server\n * Use bundle CA certificate in rhnpush\n- Version 4.4.4-1\n * remove pylint check at build time\n- Version 4.4.3-1\n * Ensure installation of make for building\n- Version 4.4.2-1\n * Update translation strings\n- Version 4.4.1-1\n * Bump version to 4.4.0\n\nprometheus-blackbox_exporter:\n\n- Use obscpio for go modules service\n- Set version number\n- Set build date from SOURCE_DATE_EPOCH\n- Update to 0.24.0 (bsc#1212279, jsc#PED-4556)\n * Requires go1.19\n- Avoid empty validation script\n- Add rc symlink for backwards compatibility\n- Fix authentication bypass via cache poisoning\n (CVE-2022-46146, bsc#1208062)\n- Add `min_version` parameter of `tls_config` to allow enabling\n TLS 1.0 and 1.1 (bsc#1209113)\n- On SUSE Linux Enterprise build always with Go \u003e= 1.19 (bsc#1203599)\n- Build with go1.18 only for SLE-15-SP3 and \n build with \u003e= go1.19 on higher SP (bsc#1203599)\n- Require go1.18 (bsc#1203599, GH#19127)\n- Exclude s390 arch\n- Fix %pre section to avoid empty content\n- Updated to allow building on older rpmbuild.\n- Enhanced to build on Enterprise Linux 8\n\nprometheus-postgres_exporter:\n\n- Remove duplicated call to systemd requirements\n- Do not build debug if RHEL \u003e= 8\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Build at least with with Go \u003e= 1.18 on RHEL\n- Build with Go \u003e= 1.20 elsewhere\n- Adapt the systemd service security configuration\n to be able to start it on RHEL systems and clones\n- Create the prometheus user for RHEL systems and clones\n- Add 0001-Update-prometheus-exporter-toolkit-to-0.7.3.patch\n * Fix authentication bypass via cache poisoning\n (CVE-2022-46146, bsc#1208060)\n- Fix _service to pull correct version\n- Use go_modules source service\n- Upgrade to version 0.10.1:\n * Fix broken log-level for values other than debug (bsc#1208965)\n- Version/release lines above first usage of those macros.\n gh#uyuni-project/uyuni#5418\n- Prevent empty %pre section\n- Exclude s390 builds \n- Updated for RHEL8.\n\npython-hwdata:\n\n- Declare the LICENSE file as license and not doc\n\nrhnlib:\n\n- Version 5.0.1-1\n * Specify a packager for Debian like distros\n- Version 4.4.6-1\n * Remove unused makefiles\n- Version 4.4.5-1\n * Use bundle CA certificate in rhnpush\n- Version 4.4.4-1\n * Only use TLSv1+ for SSL connections\n- Version 4.4.3-1\n * Ensure installation of make for building\n- Version 4.4.2-1\n * Don\u0027t get stuck at the end of SSL transfers (bsc#1204032)\n- Version 4.4.1-1\n * Bump version to 4.4.0\n\nspacecmd:\n\n- Version 5.0.1-1\n * Use localhost without ssl when running on the server\n- Version 4.4.10-1\n * Update translation strings\n- Version 4.4.9-1\n- Version 4.4.8-1\n * Add spacecmd function: cryptokey_update\n * Bypass traditional systems check on older SUMA instances (bsc#1208612)\n * fix argument parsing of distribution_update (bsc#1210458)\n- Version 4.4.7-1\n * remove pylint check at build time\n * Display activation key details after executing the corresponding command (bsc#1208719)\n * Show targetted packages before actually removing them (bsc#1207830)\n- Version 4.4.6-1\n * Fix spacecmd not showing any output for softwarechannel_diff \n and softwarechannel_errata_diff (bsc#1207352)\n- Version 4.4.5-1\n * Prevent string api parameters to be parsed as dates if not in\n ISO-8601 format (bsc#1205759)\n * Add python-dateutil dependency, required to process date values in\n spacecmd api calls\n * Remove python3-simplejson dependency\n- Version 4.4.4-1\n * Correctly understand \u0027ssm\u0027 keyword on scap scheduling\n * Add vendor_advisory information to errata_details call (bsc#1205207)\n * Change default port of \u0027Containerized Proxy configuration\u0027 8022\n- Version 4.4.3-1\n * Added two missing options to schedule product migration: allow-vendor-change\n and remove-products-without-successor (bsc#1204126)\n * Changed schedule product migration to use the correct API method\n * Fix dict_keys not supporting indexing in systems_setconfigchannelorger\n * Added a warning message for traditional stack deprecation\n * Remove \u0027Undefined return code\u0027 from debug messages (bsc#1203283)\n- Version 4.4.2-1\n * Stop always showing help for valid proxy_container_config calls\n- Version 4.4.1-1\n * Process date values in spacecmd api calls (bsc#1198903)\n * Improve Proxy FQDN hint message\n- Version 4.3.14-1\n * Fix missing argument on system_listmigrationtargets (bsc#1201003)\n * Show correct help on calling kickstart_importjson with no arguments\n * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)\n * Change proxy container config default filename to end with tar.gz\n- Version 4.3.13-1\n * Update translation strings\n- Version 4.3.12-1\n * Update translation strings\n- Version 4.3.11-1\n * on full system update call schedulePackageUpdate API (bsc#1197507)\n\nspacewalk-client-tools:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.7-1\n * Remove unused and deprecated/removed platform.dist import.\n- Version 4.4.6-1\n * Update translation strings\n * Tito requires to list the package source as %{name}-%{version}.tar.gz\n- Version 4.4.5-1\n * remove mgr-virtualization usage\n * remove dependency to suseRegisterInfo\n- Version 4.4.4-1\n * Update translation strings\n- Version 4.4.3-1\n * Update translation strings\n- Version 4.4.2-1\n * Update translation strings\n- Version 4.4.1-1\n * Update translation strings\n- Version 4.3.11-1\n * Update translation strings\n- Version 4.3.10-1\n\nsupportutils-plugin-salt:\n\n- Update to version 1.2.2\n * Remove possible passwords from Salt configuration files (bsc#1201059)\n- Update to version 1.2.1\n * Remove ERROR messages on Salt client systems\n- Declare the LICENSE file as license and not doc\n- Update to version 1.2.0\n * Add support for Salt Bundle\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.2-1\n * write configured crypto-policy in supportconfig\n * add cloud and payg checks\n- Version 4.4.1-1\n * Bump version to 4.4.0\n- Version 4.3.2-1\n * Add proxy containers config and logs\n\nuyuni-common-libs:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.4-1\n * Workaround for python3-debian bug about collecting control file (bsc#1211525, bsc#1208692)\n * Accept missing rhn.conf file\n * Use context manager for apache users in fileutils.py.\n- Version 4.4.3-1\n * Ensure installation of make for building.\n * Use versioned Python during packaging.\n- Version 4.4.2-1\n * unify user notification code on java side\n- Version 4.4.1-1\n * Do not allow creating path if nonexistent user or group in fileutils.\n- Version 4.3.5-1\n * Fix reposync issue about \u0027rpm.hdr\u0027 object has no attribute \u0027get\u0027\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-191,SUSE-SLE-Manager-Tools-12-BETA-2024-191",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0191-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0191-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240191-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0191-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017744.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047218",
"url": "https://bugzilla.suse.com/1047218"
},
{
"category": "self",
"summary": "SUSE Bug 1172110",
"url": "https://bugzilla.suse.com/1172110"
},
{
"category": "self",
"summary": "SUSE Bug 1188571",
"url": "https://bugzilla.suse.com/1188571"
},
{
"category": "self",
"summary": "SUSE Bug 1189520",
"url": "https://bugzilla.suse.com/1189520"
},
{
"category": "self",
"summary": "SUSE Bug 1191454",
"url": "https://bugzilla.suse.com/1191454"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192383",
"url": "https://bugzilla.suse.com/1192383"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1192763",
"url": "https://bugzilla.suse.com/1192763"
},
{
"category": "self",
"summary": "SUSE Bug 1193492",
"url": "https://bugzilla.suse.com/1193492"
},
{
"category": "self",
"summary": "SUSE Bug 1193686",
"url": "https://bugzilla.suse.com/1193686"
},
{
"category": "self",
"summary": "SUSE Bug 1193688",
"url": "https://bugzilla.suse.com/1193688"
},
{
"category": "self",
"summary": "SUSE Bug 1194873",
"url": "https://bugzilla.suse.com/1194873"
},
{
"category": "self",
"summary": "SUSE Bug 1195726",
"url": "https://bugzilla.suse.com/1195726"
},
{
"category": "self",
"summary": "SUSE Bug 1195727",
"url": "https://bugzilla.suse.com/1195727"
},
{
"category": "self",
"summary": "SUSE Bug 1195728",
"url": "https://bugzilla.suse.com/1195728"
},
{
"category": "self",
"summary": "SUSE Bug 1196338",
"url": "https://bugzilla.suse.com/1196338"
},
{
"category": "self",
"summary": "SUSE Bug 1196652",
"url": "https://bugzilla.suse.com/1196652"
},
{
"category": "self",
"summary": "SUSE Bug 1197507",
"url": "https://bugzilla.suse.com/1197507"
},
{
"category": "self",
"summary": "SUSE Bug 1198903",
"url": "https://bugzilla.suse.com/1198903"
},
{
"category": "self",
"summary": "SUSE Bug 1199810",
"url": "https://bugzilla.suse.com/1199810"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1200591",
"url": "https://bugzilla.suse.com/1200591"
},
{
"category": "self",
"summary": "SUSE Bug 1200725",
"url": "https://bugzilla.suse.com/1200725"
},
{
"category": "self",
"summary": "SUSE Bug 1201003",
"url": "https://bugzilla.suse.com/1201003"
},
{
"category": "self",
"summary": "SUSE Bug 1201059",
"url": "https://bugzilla.suse.com/1201059"
},
{
"category": "self",
"summary": "SUSE Bug 1201535",
"url": "https://bugzilla.suse.com/1201535"
},
{
"category": "self",
"summary": "SUSE Bug 1201539",
"url": "https://bugzilla.suse.com/1201539"
},
{
"category": "self",
"summary": "SUSE Bug 1203283",
"url": "https://bugzilla.suse.com/1203283"
},
{
"category": "self",
"summary": "SUSE Bug 1203596",
"url": "https://bugzilla.suse.com/1203596"
},
{
"category": "self",
"summary": "SUSE Bug 1203597",
"url": "https://bugzilla.suse.com/1203597"
},
{
"category": "self",
"summary": "SUSE Bug 1203599",
"url": "https://bugzilla.suse.com/1203599"
},
{
"category": "self",
"summary": "SUSE Bug 1204032",
"url": "https://bugzilla.suse.com/1204032"
},
{
"category": "self",
"summary": "SUSE Bug 1204089",
"url": "https://bugzilla.suse.com/1204089"
},
{
"category": "self",
"summary": "SUSE Bug 1204126",
"url": "https://bugzilla.suse.com/1204126"
},
{
"category": "self",
"summary": "SUSE Bug 1204302",
"url": "https://bugzilla.suse.com/1204302"
},
{
"category": "self",
"summary": "SUSE Bug 1204303",
"url": "https://bugzilla.suse.com/1204303"
},
{
"category": "self",
"summary": "SUSE Bug 1204304",
"url": "https://bugzilla.suse.com/1204304"
},
{
"category": "self",
"summary": "SUSE Bug 1204305",
"url": "https://bugzilla.suse.com/1204305"
},
{
"category": "self",
"summary": "SUSE Bug 1204501",
"url": "https://bugzilla.suse.com/1204501"
},
{
"category": "self",
"summary": "SUSE Bug 1205207",
"url": "https://bugzilla.suse.com/1205207"
},
{
"category": "self",
"summary": "SUSE Bug 1205225",
"url": "https://bugzilla.suse.com/1205225"
},
{
"category": "self",
"summary": "SUSE Bug 1205227",
"url": "https://bugzilla.suse.com/1205227"
},
{
"category": "self",
"summary": "SUSE Bug 1205759",
"url": "https://bugzilla.suse.com/1205759"
},
{
"category": "self",
"summary": "SUSE Bug 1207352",
"url": "https://bugzilla.suse.com/1207352"
},
{
"category": "self",
"summary": "SUSE Bug 1207749",
"url": "https://bugzilla.suse.com/1207749"
},
{
"category": "self",
"summary": "SUSE Bug 1207750",
"url": "https://bugzilla.suse.com/1207750"
},
{
"category": "self",
"summary": "SUSE Bug 1207830",
"url": "https://bugzilla.suse.com/1207830"
},
{
"category": "self",
"summary": "SUSE Bug 1208046",
"url": "https://bugzilla.suse.com/1208046"
},
{
"category": "self",
"summary": "SUSE Bug 1208049",
"url": "https://bugzilla.suse.com/1208049"
},
{
"category": "self",
"summary": "SUSE Bug 1208051",
"url": "https://bugzilla.suse.com/1208051"
},
{
"category": "self",
"summary": "SUSE Bug 1208060",
"url": "https://bugzilla.suse.com/1208060"
},
{
"category": "self",
"summary": "SUSE Bug 1208062",
"url": "https://bugzilla.suse.com/1208062"
},
{
"category": "self",
"summary": "SUSE Bug 1208064",
"url": "https://bugzilla.suse.com/1208064"
},
{
"category": "self",
"summary": "SUSE Bug 1208065",
"url": "https://bugzilla.suse.com/1208065"
},
{
"category": "self",
"summary": "SUSE Bug 1208270",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "self",
"summary": "SUSE Bug 1208293",
"url": "https://bugzilla.suse.com/1208293"
},
{
"category": "self",
"summary": "SUSE Bug 1208298",
"url": "https://bugzilla.suse.com/1208298"
},
{
"category": "self",
"summary": "SUSE Bug 1208612",
"url": "https://bugzilla.suse.com/1208612"
},
{
"category": "self",
"summary": "SUSE Bug 1208692",
"url": "https://bugzilla.suse.com/1208692"
},
{
"category": "self",
"summary": "SUSE Bug 1208719",
"url": "https://bugzilla.suse.com/1208719"
},
{
"category": "self",
"summary": "SUSE Bug 1208819",
"url": "https://bugzilla.suse.com/1208819"
},
{
"category": "self",
"summary": "SUSE Bug 1208821",
"url": "https://bugzilla.suse.com/1208821"
},
{
"category": "self",
"summary": "SUSE Bug 1208965",
"url": "https://bugzilla.suse.com/1208965"
},
{
"category": "self",
"summary": "SUSE Bug 1209113",
"url": "https://bugzilla.suse.com/1209113"
},
{
"category": "self",
"summary": "SUSE Bug 1209645",
"url": "https://bugzilla.suse.com/1209645"
},
{
"category": "self",
"summary": "SUSE Bug 1210458",
"url": "https://bugzilla.suse.com/1210458"
},
{
"category": "self",
"summary": "SUSE Bug 1210907",
"url": "https://bugzilla.suse.com/1210907"
},
{
"category": "self",
"summary": "SUSE Bug 1211525",
"url": "https://bugzilla.suse.com/1211525"
},
{
"category": "self",
"summary": "SUSE Bug 1212099",
"url": "https://bugzilla.suse.com/1212099"
},
{
"category": "self",
"summary": "SUSE Bug 1212100",
"url": "https://bugzilla.suse.com/1212100"
},
{
"category": "self",
"summary": "SUSE Bug 1212279",
"url": "https://bugzilla.suse.com/1212279"
},
{
"category": "self",
"summary": "SUSE Bug 1212641",
"url": "https://bugzilla.suse.com/1212641"
},
{
"category": "self",
"summary": "SUSE Bug 1218843",
"url": "https://bugzilla.suse.com/1218843"
},
{
"category": "self",
"summary": "SUSE Bug 1218844",
"url": "https://bugzilla.suse.com/1218844"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-36222 page",
"url": "https://www.suse.com/security/cve/CVE-2021-36222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3711 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-39226 page",
"url": "https://www.suse.com/security/cve/CVE-2021-39226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41174 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41244 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43798 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43813 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43815 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21673 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21698 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21713 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23552 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27191 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29170 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31107 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31123 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31130 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39201 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39229 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39306 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39307 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39324 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41723 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0507 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0594 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1387 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1410 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2183 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2801 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3128 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-40577 page",
"url": "https://www.suse.com/security/cve/CVE-2023-40577/"
}
],
"title": "Security Beta update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2024-01-23T15:18:14Z",
"generator": {
"date": "2024-01-23T15:18:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0191-1",
"initial_release_date": "2024-01-23T15:18:14Z",
"revision_history": [
{
"date": "2024-01-23T15:18:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"product_id": "golang-github-prometheus-promu-0.14.0-4.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-4.21.2.aarch64",
"product": {
"name": "grafana-9.5.8-4.21.2.aarch64",
"product_id": "grafana-9.5.8-4.21.2.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"product_id": "prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"product_id": "prometheus-postgres_exporter-0.10.1-3.6.4.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"product_id": "python2-uyuni-common-libs-5.0.1-3.33.3.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-3.18.2.aarch64",
"product": {
"name": "uyuni-base-common-5.0.1-3.18.2.aarch64",
"product_id": "uyuni-base-common-5.0.1-3.18.2.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-3.18.2.aarch64",
"product": {
"name": "uyuni-base-proxy-5.0.1-3.18.2.aarch64",
"product_id": "uyuni-base-proxy-5.0.1-3.18.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"product": {
"name": "kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"product_id": "kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-push-5.0.1-4.21.4.noarch",
"product": {
"name": "mgr-push-5.0.1-4.21.4.noarch",
"product_id": "mgr-push-5.0.1-4.21.4.noarch"
}
},
{
"category": "product_version",
"name": "python2-hwdata-2.3.5-15.12.2.noarch",
"product": {
"name": "python2-hwdata-2.3.5-15.12.2.noarch",
"product_id": "python2-hwdata-2.3.5-15.12.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-push-5.0.1-4.21.4.noarch",
"product": {
"name": "python2-mgr-push-5.0.1-4.21.4.noarch",
"product_id": "python2-mgr-push-5.0.1-4.21.4.noarch"
}
},
{
"category": "product_version",
"name": "python2-rhnlib-5.0.1-24.30.3.noarch",
"product": {
"name": "python2-rhnlib-5.0.1-24.30.3.noarch",
"product_id": "python2-rhnlib-5.0.1-24.30.3.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.1-41.42.3.noarch",
"product": {
"name": "spacecmd-5.0.1-41.42.3.noarch",
"product_id": "spacecmd-5.0.1-41.42.3.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"product": {
"name": "supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"product_id": "supportutils-plugin-salt-1.2.2-9.9.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch"
}
},
{
"category": "product_version",
"name": "system-user-grafana-1.0.0-3.7.2.noarch",
"product": {
"name": "system-user-grafana-1.0.0-3.7.2.noarch",
"product_id": "system-user-grafana-1.0.0-3.7.2.noarch"
}
},
{
"category": "product_version",
"name": "system-user-prometheus-1.0.0-3.7.2.noarch",
"product": {
"name": "system-user-prometheus-1.0.0-3.7.2.noarch",
"product_id": "system-user-prometheus-1.0.0-3.7.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"product_id": "golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-4.21.2.ppc64le",
"product": {
"name": "grafana-9.5.8-4.21.2.ppc64le",
"product_id": "grafana-9.5.8-4.21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"product_id": "prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"product_id": "python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-3.18.2.ppc64le",
"product": {
"name": "uyuni-base-common-5.0.1-3.18.2.ppc64le",
"product_id": "uyuni-base-common-5.0.1-3.18.2.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-3.18.2.ppc64le",
"product": {
"name": "uyuni-base-proxy-5.0.1-3.18.2.ppc64le",
"product_id": "uyuni-base-proxy-5.0.1-3.18.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.6-4.9.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"product_id": "golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"product_id": "golang-github-prometheus-promu-0.14.0-4.12.2.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-4.21.2.s390x",
"product": {
"name": "grafana-9.5.8-4.21.2.s390x",
"product_id": "grafana-9.5.8-4.21.2.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"product_id": "prometheus-blackbox_exporter-0.24.0-3.6.3.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"product_id": "prometheus-postgres_exporter-0.10.1-3.6.4.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"product_id": "python2-uyuni-common-libs-5.0.1-3.33.3.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-3.18.2.s390x",
"product": {
"name": "uyuni-base-common-5.0.1-3.18.2.s390x",
"product_id": "uyuni-base-common-5.0.1-3.18.2.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-3.18.2.s390x",
"product": {
"name": "uyuni-base-proxy-5.0.1-3.18.2.s390x",
"product_id": "uyuni-base-proxy-5.0.1-3.18.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"product_id": "golang-github-prometheus-promu-0.14.0-4.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-4.21.2.x86_64",
"product": {
"name": "grafana-9.5.8-4.21.2.x86_64",
"product_id": "grafana-9.5.8-4.21.2.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"product_id": "prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"product_id": "prometheus-postgres_exporter-0.10.1-3.6.4.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"product": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"product_id": "python2-uyuni-common-libs-5.0.1-3.33.3.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.1-3.18.2.x86_64",
"product": {
"name": "uyuni-base-common-5.0.1-3.18.2.x86_64",
"product_id": "uyuni-base-common-5.0.1-3.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.1-3.18.2.x86_64",
"product": {
"name": "uyuni-base-proxy-5.0.1-3.18.2.x86_64",
"product_id": "uyuni-base-proxy-5.0.1-3.18.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 12-BETA",
"product": {
"name": "SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.12.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-4.21.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64"
},
"product_reference": "grafana-9.5.8-4.21.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-4.21.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le"
},
"product_reference": "grafana-9.5.8-4.21.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-4.21.2.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x"
},
"product_reference": "grafana-9.5.8-4.21.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-4.21.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64"
},
"product_reference": "grafana-9.5.8-4.21.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch"
},
"product_reference": "kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.0.1-4.21.4.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch"
},
"product_reference": "mgr-push-5.0.1-4.21.4.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-3.6.4.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-hwdata-2.3.5-15.12.2.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch"
},
"product_reference": "python2-hwdata-2.3.5-15.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-mgr-push-5.0.1-4.21.4.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch"
},
"product_reference": "python2-mgr-push-5.0.1-4.21.4.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-rhnlib-5.0.1-24.30.3.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch"
},
"product_reference": "python2-rhnlib-5.0.1-24.30.3.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64"
},
"product_reference": "python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le"
},
"product_reference": "python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x"
},
"product_reference": "python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.0.1-3.33.3.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64"
},
"product_reference": "python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.1-41.42.3.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch"
},
"product_reference": "spacecmd-5.0.1-41.42.3.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-salt-1.2.2-9.9.2.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch"
},
"product_reference": "supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-grafana-1.0.0-3.7.2.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch"
},
"product_reference": "system-user-grafana-1.0.0-3.7.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-prometheus-1.0.0-3.7.2.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
},
"product_reference": "system-user-prometheus-1.0.0-3.7.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-36222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-36222"
}
],
"notes": [
{
"category": "general",
"text": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-36222",
"url": "https://www.suse.com/security/cve/CVE-2021-36222"
},
{
"category": "external",
"summary": "SUSE Bug 1188571 for CVE-2021-36222",
"url": "https://bugzilla.suse.com/1188571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2021-36222"
},
{
"cve": "CVE-2021-3711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3711"
}
],
"notes": [
{
"category": "general",
"text": "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3711",
"url": "https://www.suse.com/security/cve/CVE-2021-3711"
},
{
"category": "external",
"summary": "SUSE Bug 1189520 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1189520"
},
{
"category": "external",
"summary": "SUSE Bug 1190129 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1190129"
},
{
"category": "external",
"summary": "SUSE Bug 1192100 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1192100"
},
{
"category": "external",
"summary": "SUSE Bug 1205663 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1205663"
},
{
"category": "external",
"summary": "SUSE Bug 1225628 for CVE-2021-3711",
"url": "https://bugzilla.suse.com/1225628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "critical"
}
],
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-39226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-39226"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot \"public_mode\" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot \"public_mode\" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-39226",
"url": "https://www.suse.com/security/cve/CVE-2021-39226"
},
{
"category": "external",
"summary": "SUSE Bug 1191454 for CVE-2021-39226",
"url": "https://bugzilla.suse.com/1191454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2021-39226"
},
{
"cve": "CVE-2021-41174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41174"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim\u0027s browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(\u0027alert(1)\u0027)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41174",
"url": "https://www.suse.com/security/cve/CVE-2021-41174"
},
{
"category": "external",
"summary": "SUSE Bug 1192383 for CVE-2021-41174",
"url": "https://bugzilla.suse.com/1192383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2021-41174"
},
{
"cve": "CVE-2021-41244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41244"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users\u0027 roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users\u0027 roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41244",
"url": "https://www.suse.com/security/cve/CVE-2021-41244"
},
{
"category": "external",
"summary": "SUSE Bug 1192763 for CVE-2021-41244",
"url": "https://bugzilla.suse.com/1192763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "critical"
}
],
"title": "CVE-2021-41244"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2021-43798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43798"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `\u003cgrafana_host_url\u003e/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43798",
"url": "https://www.suse.com/security/cve/CVE-2021-43798"
},
{
"category": "external",
"summary": "SUSE Bug 1193492 for CVE-2021-43798",
"url": "https://bugzilla.suse.com/1193492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2021-43798"
},
{
"cve": "CVE-2021-43813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43813"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43813",
"url": "https://www.suse.com/security/cve/CVE-2021-43813"
},
{
"category": "external",
"summary": "SUSE Bug 1193686 for CVE-2021-43813",
"url": "https://bugzilla.suse.com/1193686"
},
{
"category": "external",
"summary": "SUSE Bug 1193688 for CVE-2021-43813",
"url": "https://bugzilla.suse.com/1193688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2021-43813"
},
{
"cve": "CVE-2021-43815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43815"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43815",
"url": "https://www.suse.com/security/cve/CVE-2021-43815"
},
{
"category": "external",
"summary": "SUSE Bug 1193686 for CVE-2021-43815",
"url": "https://bugzilla.suse.com/1193686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2021-43815"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-21673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21673"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the most recently logged-in user. This can allow API token holders to retrieve data for which they may not have intended access. This attack relies on the Grafana instance having data sources that support the Forward OAuth Identity feature, the Grafana instance having a data source with the Forward OAuth Identity feature toggled on, the Grafana instance having OAuth enabled, and the Grafana instance having usable API keys. This issue has been patched in versions 7.5.13 and 8.3.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21673",
"url": "https://www.suse.com/security/cve/CVE-2022-21673"
},
{
"category": "external",
"summary": "SUSE Bug 1194873 for CVE-2022-21673",
"url": "https://bugzilla.suse.com/1194873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-21673"
},
{
"cve": "CVE-2022-21698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21698"
}
],
"notes": [
{
"category": "general",
"text": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21698",
"url": "https://www.suse.com/security/cve/CVE-2022-21698"
},
{
"category": "external",
"summary": "SUSE Bug 1196338 for CVE-2022-21698",
"url": "https://bugzilla.suse.com/1196338"
},
{
"category": "external",
"summary": "SUSE Bug 1248689 for CVE-2022-21698",
"url": "https://bugzilla.suse.com/1248689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-21698"
},
{
"cve": "CVE-2022-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21702"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (XSS) attack. The attacker could either compromise an existing datasource for a specific Grafana instance or either set up its own public service and instruct anyone to set it up in their Grafana instance. To be impacted, all of the following must be applicable. For the data source proxy: A Grafana HTTP-based datasource configured with Server as Access Mode and a URL set, the attacker has to be in control of the HTTP server serving the URL of above datasource, and a specially crafted link pointing at the attacker controlled data source must be clicked on by an authenticated user. For the plugin proxy: A Grafana HTTP-based app plugin configured and enabled with a URL set, the attacker has to be in control of the HTTP server serving the URL of above app, and a specially crafted link pointing at the attacker controlled plugin must be clocked on by an authenticated user. For the backend plugin resource: An attacker must be able to navigate an authenticated user to a compromised plugin through a crafted link. Users are advised to update to a patched version. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21702",
"url": "https://www.suse.com/security/cve/CVE-2022-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1195726 for CVE-2022-21702",
"url": "https://bugzilla.suse.com/1195726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-21702"
},
{
"cve": "CVE-2022-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21703"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21703",
"url": "https://www.suse.com/security/cve/CVE-2022-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1195727 for CVE-2022-21703",
"url": "https://bugzilla.suse.com/1195727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-21703"
},
{
"cve": "CVE-2022-21713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21713"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21713",
"url": "https://www.suse.com/security/cve/CVE-2022-21713"
},
{
"category": "external",
"summary": "SUSE Bug 1195728 for CVE-2022-21713",
"url": "https://bugzilla.suse.com/1195728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-21713"
},
{
"cve": "CVE-2022-23552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23552"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren\u0027t properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23552",
"url": "https://www.suse.com/security/cve/CVE-2022-23552"
},
{
"category": "external",
"summary": "SUSE Bug 1207749 for CVE-2022-23552",
"url": "https://bugzilla.suse.com/1207749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-23552"
},
{
"cve": "CVE-2022-27191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27191"
}
],
"notes": [
{
"category": "general",
"text": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27191",
"url": "https://www.suse.com/security/cve/CVE-2022-27191"
},
{
"category": "external",
"summary": "SUSE Bug 1197284 for CVE-2022-27191",
"url": "https://bugzilla.suse.com/1197284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-29170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29170"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn\u0027t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29170",
"url": "https://www.suse.com/security/cve/CVE-2022-29170"
},
{
"category": "external",
"summary": "SUSE Bug 1199810 for CVE-2022-29170",
"url": "https://bugzilla.suse.com/1199810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-29170"
},
{
"cve": "CVE-2022-31097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31097"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31097",
"url": "https://www.suse.com/security/cve/CVE-2022-31097"
},
{
"category": "external",
"summary": "SUSE Bug 1201535 for CVE-2022-31097",
"url": "https://bugzilla.suse.com/1201535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-31097"
},
{
"cve": "CVE-2022-31107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31107"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user\u0027s external user id is not already associated with an account in Grafana, the malicious user\u0027s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user\u0027s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31107",
"url": "https://www.suse.com/security/cve/CVE-2022-31107"
},
{
"category": "external",
"summary": "SUSE Bug 1201539 for CVE-2022-31107",
"url": "https://bugzilla.suse.com/1201539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-31107"
},
{
"cve": "CVE-2022-31123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31123"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31123",
"url": "https://www.suse.com/security/cve/CVE-2022-31123"
},
{
"category": "external",
"summary": "SUSE Bug 1204302 for CVE-2022-31123",
"url": "https://bugzilla.suse.com/1204302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-31123"
},
{
"cve": "CVE-2022-31130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31130"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user\u0027s Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31130",
"url": "https://www.suse.com/security/cve/CVE-2022-31130"
},
{
"category": "external",
"summary": "SUSE Bug 1204305 for CVE-2022-31130",
"url": "https://bugzilla.suse.com/1204305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-31130"
},
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-35957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-35957"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-35957",
"url": "https://www.suse.com/security/cve/CVE-2022-35957"
},
{
"category": "external",
"summary": "SUSE Bug 1203597 for CVE-2022-35957",
"url": "https://bugzilla.suse.com/1203597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-35957"
},
{
"cve": "CVE-2022-36062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36062"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36062",
"url": "https://www.suse.com/security/cve/CVE-2022-36062"
},
{
"category": "external",
"summary": "SUSE Bug 1203596 for CVE-2022-36062",
"url": "https://bugzilla.suse.com/1203596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-36062"
},
{
"cve": "CVE-2022-39201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39201"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user\u0027s Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39201",
"url": "https://www.suse.com/security/cve/CVE-2022-39201"
},
{
"category": "external",
"summary": "SUSE Bug 1204303 for CVE-2022-39201",
"url": "https://bugzilla.suse.com/1204303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-39201"
},
{
"cve": "CVE-2022-39229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39229"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user\u0027s login attempt by registering someone else\u0027e email address as a username. A Grafana user\u0027s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`\u0027s email address. This prevents `user_1` logging into the application since `user_1`\u0027s password won\u0027t match with `user_2`\u0027s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39229",
"url": "https://www.suse.com/security/cve/CVE-2022-39229"
},
{
"category": "external",
"summary": "SUSE Bug 1204304 for CVE-2022-39229",
"url": "https://bugzilla.suse.com/1204304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "low"
}
],
"title": "CVE-2022-39229"
},
{
"cve": "CVE-2022-39306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39306"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39306",
"url": "https://www.suse.com/security/cve/CVE-2022-39306"
},
{
"category": "external",
"summary": "SUSE Bug 1205225 for CVE-2022-39306",
"url": "https://bugzilla.suse.com/1205225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-39306"
},
{
"cve": "CVE-2022-39307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39307"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a \"user not found\" message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39307",
"url": "https://www.suse.com/security/cve/CVE-2022-39307"
},
{
"category": "external",
"summary": "SUSE Bug 1205227 for CVE-2022-39307",
"url": "https://bugzilla.suse.com/1205227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-39307"
},
{
"cve": "CVE-2022-39324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39324"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker\u0027s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39324",
"url": "https://www.suse.com/security/cve/CVE-2022-39324"
},
{
"category": "external",
"summary": "SUSE Bug 1207750 for CVE-2022-39324",
"url": "https://bugzilla.suse.com/1207750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-39324"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-41723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41723"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41723",
"url": "https://www.suse.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "SUSE Bug 1208270 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "external",
"summary": "SUSE Bug 1215588 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1215588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-41723"
},
{
"cve": "CVE-2022-46146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46146"
}
],
"notes": [
{
"category": "general",
"text": "Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users\u0027 bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46146",
"url": "https://www.suse.com/security/cve/CVE-2022-46146"
},
{
"category": "external",
"summary": "SUSE Bug 1208046 for CVE-2022-46146",
"url": "https://bugzilla.suse.com/1208046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2022-46146"
},
{
"cve": "CVE-2023-0507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0507"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \n\nThe stored XSS vulnerability was possible due to map attributions weren\u0027t properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0507",
"url": "https://www.suse.com/security/cve/CVE-2023-0507"
},
{
"category": "external",
"summary": "SUSE Bug 1208821 for CVE-2023-0507",
"url": "https://bugzilla.suse.com/1208821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2023-0507"
},
{
"cve": "CVE-2023-0594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0594"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. \n\nThe stored XSS vulnerability was possible due the value of a span\u0027s attributes/resources were not properly sanitized and this will be rendered when the span\u0027s attributes/resources are expanded.\n\nAn attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0594",
"url": "https://www.suse.com/security/cve/CVE-2023-0594"
},
{
"category": "external",
"summary": "SUSE Bug 1208819 for CVE-2023-0594",
"url": "https://bugzilla.suse.com/1208819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2023-0594"
},
{
"cve": "CVE-2023-1387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1387"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1387",
"url": "https://www.suse.com/security/cve/CVE-2023-1387"
},
{
"category": "external",
"summary": "SUSE Bug 1210907 for CVE-2023-1387",
"url": "https://bugzilla.suse.com/1210907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-1387"
},
{
"cve": "CVE-2023-1410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1410"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1410",
"url": "https://www.suse.com/security/cve/CVE-2023-1410"
},
{
"category": "external",
"summary": "SUSE Bug 1209645 for CVE-2023-1410",
"url": "https://bugzilla.suse.com/1209645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-1410"
},
{
"cve": "CVE-2023-2183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2183"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2183",
"url": "https://www.suse.com/security/cve/CVE-2023-2183"
},
{
"category": "external",
"summary": "SUSE Bug 1212100 for CVE-2023-2183",
"url": "https://bugzilla.suse.com/1212100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-2183"
},
{
"cve": "CVE-2023-2801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2801"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it\u0027s also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2801",
"url": "https://www.suse.com/security/cve/CVE-2023-2801"
},
{
"category": "external",
"summary": "SUSE Bug 1212099 for CVE-2023-2801",
"url": "https://bugzilla.suse.com/1212099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2023-2801"
},
{
"cve": "CVE-2023-3128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3128"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3128",
"url": "https://www.suse.com/security/cve/CVE-2023-3128"
},
{
"category": "external",
"summary": "SUSE Bug 1212641 for CVE-2023-3128",
"url": "https://bugzilla.suse.com/1212641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "critical"
}
],
"title": "CVE-2023-3128"
},
{
"cve": "CVE-2023-40577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-40577"
}
],
"notes": [
{
"category": "general",
"text": "Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-40577",
"url": "https://www.suse.com/security/cve/CVE-2023-40577"
},
{
"category": "external",
"summary": "SUSE Bug 1218838 for CVE-2023-40577",
"url": "https://bugzilla.suse.com/1218838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-4.6.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-boynux-squid_exporter-1.6-4.9.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.12.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.5.0-4.15.4.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-prometheus-2.45.0-4.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.12.2.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.8-4.21.2.x86_64",
"SUSE Manager Client Tools 12-BETA:kiwi-desc-saltboot-0.1.1687520761.cefb248-4.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-blackbox_exporter-0.24.0-3.6.3.x86_64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.aarch64",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.ppc64le",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.s390x",
"SUSE Manager Client Tools 12-BETA:prometheus-postgres_exporter-0.10.1-3.6.4.x86_64",
"SUSE Manager Client Tools 12-BETA:python2-hwdata-2.3.5-15.12.2.noarch",
"SUSE Manager Client Tools 12-BETA:python2-mgr-push-5.0.1-4.21.4.noarch",
"SUSE Manager Client Tools 12-BETA:python2-rhnlib-5.0.1-24.30.3.noarch",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.aarch64",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.ppc64le",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.s390x",
"SUSE Manager Client Tools 12-BETA:python2-uyuni-common-libs-5.0.1-3.33.3.x86_64",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.1-41.42.3.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-salt-1.2.2-9.9.2.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.1-9.15.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-grafana-1.0.0-3.7.2.noarch",
"SUSE Manager Client Tools 12-BETA:system-user-prometheus-1.0.0-3.7.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-23T15:18:14Z",
"details": "important"
}
],
"title": "CVE-2023-40577"
}
]
}
SUSE-SU-2022:0531-1
Vulnerability from csaf_suse - Published: 2022-02-21 08:23 - Updated: 2022-02-21 08:23Summary
Security update for nodejs12
Notes
Title of the patch
Security update for nodejs12
Description of the patch
This update for nodejs12 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
SUSE-2022-531,SUSE-SLE-Module-Web-Scripting-12-2022-531
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs12 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). \n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). \n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). \n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696). \n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-531,SUSE-SLE-Module-Web-Scripting-12-2022-531",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0531-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0531-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220531-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0531-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-February/010279.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs12",
"tracking": {
"current_release_date": "2022-02-21T08:23:42Z",
"generator": {
"date": "2022-02-21T08:23:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0531-1",
"initial_release_date": "2022-02-21T08:23:42Z",
"revision_history": [
{
"date": "2022-02-21T08:23:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-1.42.2.aarch64",
"product": {
"name": "nodejs12-12.22.10-1.42.2.aarch64",
"product_id": "nodejs12-12.22.10-1.42.2.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-1.42.2.aarch64",
"product": {
"name": "nodejs12-devel-12.22.10-1.42.2.aarch64",
"product_id": "nodejs12-devel-12.22.10-1.42.2.aarch64"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-1.42.2.aarch64",
"product": {
"name": "npm12-12.22.10-1.42.2.aarch64",
"product_id": "npm12-12.22.10-1.42.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-1.42.2.i586",
"product": {
"name": "nodejs12-12.22.10-1.42.2.i586",
"product_id": "nodejs12-12.22.10-1.42.2.i586"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-1.42.2.i586",
"product": {
"name": "nodejs12-devel-12.22.10-1.42.2.i586",
"product_id": "nodejs12-devel-12.22.10-1.42.2.i586"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-1.42.2.i586",
"product": {
"name": "npm12-12.22.10-1.42.2.i586",
"product_id": "npm12-12.22.10-1.42.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-docs-12.22.10-1.42.2.noarch",
"product": {
"name": "nodejs12-docs-12.22.10-1.42.2.noarch",
"product_id": "nodejs12-docs-12.22.10-1.42.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-1.42.2.ppc64le",
"product": {
"name": "nodejs12-12.22.10-1.42.2.ppc64le",
"product_id": "nodejs12-12.22.10-1.42.2.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-1.42.2.ppc64le",
"product": {
"name": "nodejs12-devel-12.22.10-1.42.2.ppc64le",
"product_id": "nodejs12-devel-12.22.10-1.42.2.ppc64le"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-1.42.2.ppc64le",
"product": {
"name": "npm12-12.22.10-1.42.2.ppc64le",
"product_id": "npm12-12.22.10-1.42.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-1.42.2.s390x",
"product": {
"name": "nodejs12-12.22.10-1.42.2.s390x",
"product_id": "nodejs12-12.22.10-1.42.2.s390x"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-1.42.2.s390x",
"product": {
"name": "nodejs12-devel-12.22.10-1.42.2.s390x",
"product_id": "nodejs12-devel-12.22.10-1.42.2.s390x"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-1.42.2.s390x",
"product": {
"name": "npm12-12.22.10-1.42.2.s390x",
"product_id": "npm12-12.22.10-1.42.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-1.42.2.x86_64",
"product": {
"name": "nodejs12-12.22.10-1.42.2.x86_64",
"product_id": "nodejs12-12.22.10-1.42.2.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-1.42.2.x86_64",
"product": {
"name": "nodejs12-devel-12.22.10-1.42.2.x86_64",
"product_id": "nodejs12-devel-12.22.10-1.42.2.x86_64"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-1.42.2.x86_64",
"product": {
"name": "npm12-12.22.10-1.42.2.x86_64",
"product_id": "npm12-12.22.10-1.42.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-1.42.2.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64"
},
"product_reference": "nodejs12-12.22.10-1.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-1.42.2.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le"
},
"product_reference": "nodejs12-12.22.10-1.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-1.42.2.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x"
},
"product_reference": "nodejs12-12.22.10-1.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-1.42.2.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64"
},
"product_reference": "nodejs12-12.22.10-1.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-1.42.2.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-1.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-1.42.2.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le"
},
"product_reference": "nodejs12-devel-12.22.10-1.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-1.42.2.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x"
},
"product_reference": "nodejs12-devel-12.22.10-1.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-1.42.2.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-1.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-1.42.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-1.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-1.42.2.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64"
},
"product_reference": "npm12-12.22.10-1.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-1.42.2.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le"
},
"product_reference": "npm12-12.22.10-1.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-1.42.2.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x"
},
"product_reference": "npm12-12.22.10-1.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-1.42.2.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
},
"product_reference": "npm12-12.22.10-1.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-21T08:23:42Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-21T08:23:42Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-21T08:23:42Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-21T08:23:42Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-devel-12.22.10-1.42.2.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs12-docs-12.22.10-1.42.2.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm12-12.22.10-1.42.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-21T08:23:42Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
SUSE-SU-2024:0487-1
Vulnerability from csaf_suse - Published: 2024-02-15 13:36 - Updated: 2024-02-15 13:36Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-lusitaniae-apache_exporter:
- Do not strip if SUSE Linux Enterprise 15 SP3
- Exclude debug for Red Hat Enterprise Linux >= 8
- Build with Go >= 1.20 when the OS is not Red Hat Enterprise Linux
mgr-daemon:
- Version 4.3.8-1
* Update translation strings
prometheus-postgres_exporter:
- Remove duplicated call to systemd requirements
- Do not build debug if Red Hat Enterprise Linux >= 8
- Do not strip if SUSE Linux Enterprise 15 SP3
- Build at least with with Go >= 1.18 on Red Hat Enterprise Linux
- Build with Go >= 1.20 elsewhere
spacecmd:
- Version 4.3.26-1
* Update translation strings
spacewalk-client-tools:
- Version 4.3.18-1
* Update translation strings
uyuni-proxy-systemd-services:
- Version 4.3.10-1
* Update the image version
- Version 4.3.9-1
* Integrate the containerized proxy into the usual rel-eng workflow
Patchnames
SUSE-2024-487,SUSE-SLE-Manager-Tools-15-2024-487,SUSE-SLE-Manager-Tools-For-Micro-5-2024-487,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-487,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-487,openSUSE-SLE-15.5-2024-487
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Exclude debug for Red Hat Enterprise Linux \u003e= 8\n- Build with Go \u003e= 1.20 when the OS is not Red Hat Enterprise Linux\n\nmgr-daemon:\n\n- Version 4.3.8-1\n * Update translation strings\n\nprometheus-postgres_exporter:\n\n- Remove duplicated call to systemd requirements\n- Do not build debug if Red Hat Enterprise Linux \u003e= 8\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Build at least with with Go \u003e= 1.18 on Red Hat Enterprise Linux\n- Build with Go \u003e= 1.20 elsewhere\n\nspacecmd:\n\n- Version 4.3.26-1\n * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 4.3.18-1\n * Update translation strings\n\nuyuni-proxy-systemd-services:\n\n- Version 4.3.10-1\n * Update the image version\n- Version 4.3.9-1\n * Integrate the containerized proxy into the usual rel-eng workflow\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-487,SUSE-SLE-Manager-Tools-15-2024-487,SUSE-SLE-Manager-Tools-For-Micro-5-2024-487,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-487,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-487,openSUSE-SLE-15.5-2024-487",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0487-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0487-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240487-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0487-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017931.html"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE Bug 1193492",
"url": "https://bugzilla.suse.com/1193492"
},
{
"category": "self",
"summary": "SUSE Bug 1193686",
"url": "https://bugzilla.suse.com/1193686"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1204023",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "self",
"summary": "SUSE Bug 1218843",
"url": "https://bugzilla.suse.com/1218843"
},
{
"category": "self",
"summary": "SUSE Bug 1218844",
"url": "https://bugzilla.suse.com/1218844"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43798 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43815 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2024-02-15T13:36:26Z",
"generator": {
"date": "2024-02-15T13:36:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0487-1",
"initial_release_date": "2024-02-15T13:36:26Z",
"revision_history": [
{
"date": "2024-02-15T13:36:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-150000.1.60.2.aarch64",
"product": {
"name": "grafana-9.5.8-150000.1.60.2.aarch64",
"product_id": "grafana-9.5.8-150000.1.60.2.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"product_id": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.i586",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.i586",
"product_id": "firewalld-prometheus-config-0.1-150000.3.53.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.i586",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.i586",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.i586",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.i586",
"product_id": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.i586"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-150000.1.60.2.i586",
"product": {
"name": "grafana-9.5.8-150000.1.60.2.i586",
"product_id": "grafana-9.5.8-150000.1.60.2.i586"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.i586",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.i586",
"product_id": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-daemon-4.3.8-150000.1.44.1.noarch",
"product": {
"name": "mgr-daemon-4.3.8-150000.1.44.1.noarch",
"product_id": "mgr-daemon-4.3.8-150000.1.44.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"product": {
"name": "python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"product_id": "python3-spacewalk-check-4.3.18-150000.3.86.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"product": {
"name": "python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"product_id": "python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"product": {
"name": "python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"product_id": "python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.3.26-150000.3.113.1.noarch",
"product": {
"name": "spacecmd-4.3.26-150000.3.113.1.noarch",
"product_id": "spacecmd-4.3.26-150000.3.113.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-4.3.18-150000.3.86.2.noarch",
"product": {
"name": "spacewalk-check-4.3.18-150000.3.86.2.noarch",
"product_id": "spacewalk-check-4.3.18-150000.3.86.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"product": {
"name": "spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"product_id": "spacewalk-client-setup-4.3.18-150000.3.86.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"product": {
"name": "spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"product_id": "spacewalk-client-tools-4.3.18-150000.3.86.2.noarch"
}
},
{
"category": "product_version",
"name": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"product": {
"name": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"product_id": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-150000.1.60.2.ppc64le",
"product": {
"name": "grafana-9.5.8-150000.1.60.2.ppc64le",
"product_id": "grafana-9.5.8-150000.1.60.2.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"product_id": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150000.3.53.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"product_id": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-150000.1.60.2.s390x",
"product": {
"name": "grafana-9.5.8-150000.1.60.2.s390x",
"product_id": "grafana-9.5.8-150000.1.60.2.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"product_id": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.8-150000.1.60.2.x86_64",
"product": {
"name": "grafana-9.5.8-150000.1.60.2.x86_64",
"product_id": "grafana-9.5.8-150000.1.60.2.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"product_id": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.3",
"product": {
"name": "SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server Module 4.3",
"product": {
"name": "SUSE Manager Server Module 4.3",
"product_id": "SUSE Manager Server Module 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.53.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150000.1.60.2.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64"
},
"product_reference": "grafana-9.5.8-150000.1.60.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150000.1.60.2.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le"
},
"product_reference": "grafana-9.5.8-150000.1.60.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150000.1.60.2.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x"
},
"product_reference": "grafana-9.5.8-150000.1.60.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.8-150000.1.60.2.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64"
},
"product_reference": "grafana-9.5.8-150000.1.60.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-daemon-4.3.8-150000.1.44.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch"
},
"product_reference": "mgr-daemon-4.3.8-150000.1.44.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-check-4.3.18-150000.3.86.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch"
},
"product_reference": "python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch"
},
"product_reference": "python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.26-150000.3.113.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch"
},
"product_reference": "spacecmd-4.3.26-150000.3.113.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-4.3.18-150000.3.86.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch"
},
"product_reference": "spacewalk-check-4.3.18-150000.3.86.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-4.3.18-150000.3.86.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch"
},
"product_reference": "spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.3.18-150000.3.86.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch"
},
"product_reference": "spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch"
},
"product_reference": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch"
},
"product_reference": "uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64 as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64 as component of SUSE Manager Proxy Module 4.3",
"product_id": "SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64 as component of SUSE Manager Server Module 4.3",
"product_id": "SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"relates_to_product_reference": "SUSE Manager Server Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le as component of SUSE Manager Server Module 4.3",
"product_id": "SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x as component of SUSE Manager Server Module 4.3",
"product_id": "SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64 as component of SUSE Manager Server Module 4.3",
"product_id": "SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.26-150000.3.113.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
},
"product_reference": "spacecmd-4.3.26-150000.3.113.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2021-43798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43798"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `\u003cgrafana_host_url\u003e/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43798",
"url": "https://www.suse.com/security/cve/CVE-2021-43798"
},
{
"category": "external",
"summary": "SUSE Bug 1193492 for CVE-2021-43798",
"url": "https://bugzilla.suse.com/1193492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "important"
}
],
"title": "CVE-2021-43798"
},
{
"cve": "CVE-2021-43815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43815"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43815",
"url": "https://www.suse.com/security/cve/CVE-2021-43815"
},
{
"category": "external",
"summary": "SUSE Bug 1193686 for CVE-2021-43815",
"url": "https://bugzilla.suse.com/1193686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "moderate"
}
],
"title": "CVE-2021-43815"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.45.0-150000.3.53.1.x86_64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.aarch64",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.ppc64le",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.s390x",
"SUSE Manager Client Tools 15:grafana-9.5.8-150000.1.60.2.x86_64",
"SUSE Manager Client Tools 15:mgr-daemon-4.3.8-150000.1.44.1.noarch",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"SUSE Manager Client Tools 15:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.3.26-150000.3.113.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-check-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.18-150000.3.86.2.noarch",
"SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.10-150000.1.15.1.noarch",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Proxy Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"SUSE Manager Server Module 4.3:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.aarch64",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.ppc64le",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.s390x",
"openSUSE Leap 15.5:golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1.x86_64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.aarch64",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.ppc64le",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.s390x",
"openSUSE Leap 15.5:prometheus-postgres_exporter-0.10.1-150000.1.17.1.x86_64",
"openSUSE Leap 15.5:spacecmd-4.3.26-150000.3.113.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T13:36:26Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
}
]
}
SUSE-SU-2022:0657-1
Vulnerability from csaf_suse - Published: 2022-03-02 09:12 - Updated: 2022-03-02 09:12Summary
Security update for nodejs12
Notes
Title of the patch
Security update for nodejs12
Description of the patch
This update for nodejs12 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
SUSE-2022-657,SUSE-SLE-Module-Web-Scripting-15-SP3-2022-657,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-657,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-657,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-657,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-657,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-657,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-657,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-657,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-657,SUSE-Storage-7-2022-657
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs12 fixes the following issues:\n\t \n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-657,SUSE-SLE-Module-Web-Scripting-15-SP3-2022-657,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-657,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-657,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-657,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-657,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-657,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-657,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-657,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-657,SUSE-Storage-7-2022-657",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0657-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0657-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220657-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0657-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010326.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs12",
"tracking": {
"current_release_date": "2022-03-02T09:12:22Z",
"generator": {
"date": "2022-03-02T09:12:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0657-1",
"initial_release_date": "2022-03-02T09:12:22Z",
"revision_history": [
{
"date": "2022-03-02T09:12:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.aarch64",
"product": {
"name": "nodejs12-12.22.10-4.29.3.aarch64",
"product_id": "nodejs12-12.22.10-4.29.3.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"product_id": "nodejs12-devel-12.22.10-4.29.3.aarch64"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.aarch64",
"product": {
"name": "npm12-12.22.10-4.29.3.aarch64",
"product_id": "npm12-12.22.10-4.29.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.i586",
"product": {
"name": "nodejs12-12.22.10-4.29.3.i586",
"product_id": "nodejs12-12.22.10-4.29.3.i586"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.i586",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.i586",
"product_id": "nodejs12-devel-12.22.10-4.29.3.i586"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.i586",
"product": {
"name": "npm12-12.22.10-4.29.3.i586",
"product_id": "npm12-12.22.10-4.29.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-docs-12.22.10-4.29.3.noarch",
"product": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch",
"product_id": "nodejs12-docs-12.22.10-4.29.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.ppc64le",
"product": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le",
"product_id": "nodejs12-12.22.10-4.29.3.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"product_id": "nodejs12-devel-12.22.10-4.29.3.ppc64le"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.ppc64le",
"product": {
"name": "npm12-12.22.10-4.29.3.ppc64le",
"product_id": "npm12-12.22.10-4.29.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.s390x",
"product": {
"name": "nodejs12-12.22.10-4.29.3.s390x",
"product_id": "nodejs12-12.22.10-4.29.3.s390x"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.s390x",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.s390x",
"product_id": "nodejs12-devel-12.22.10-4.29.3.s390x"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.s390x",
"product": {
"name": "npm12-12.22.10-4.29.3.s390x",
"product_id": "npm12-12.22.10-4.29.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.x86_64",
"product": {
"name": "nodejs12-12.22.10-4.29.3.x86_64",
"product_id": "nodejs12-12.22.10-4.29.3.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"product_id": "nodejs12-devel-12.22.10-4.29.3.x86_64"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.x86_64",
"product": {
"name": "npm12-12.22.10-4.29.3.x86_64",
"product_id": "npm12-12.22.10-4.29.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64"
},
"product_reference": "npm12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "npm12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x"
},
"product_reference": "npm12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64"
},
"product_reference": "npm12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64"
},
"product_reference": "npm12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64"
},
"product_reference": "npm12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "npm12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x"
},
"product_reference": "npm12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "npm12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "npm12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x"
},
"product_reference": "npm12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64"
},
"product_reference": "npm12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:12:22Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:12:22Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:12:22Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:12:22Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Enterprise Storage 7:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.aarch64",
"SUSE Enterprise Storage 7:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP3:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:npm12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Proxy 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Proxy 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Retail Branch Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Retail Branch Server 4.1:npm12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:nodejs12-devel-12.22.10-4.29.3.x86_64",
"SUSE Manager Server 4.1:nodejs12-docs-12.22.10-4.29.3.noarch",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.ppc64le",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.s390x",
"SUSE Manager Server 4.1:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:12:22Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
OPENSUSE-SU-2022:0704-1
Vulnerability from csaf_opensuse - Published: 2022-03-03 17:26 - Updated: 2022-03-03 17:26Summary
Security update for nodejs8
Notes
Title of the patch
Security update for nodejs8
Description of the patch
This update for nodejs8 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
openSUSE-SLE-15.3-2022-704,openSUSE-SLE-15.4-2022-704
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs8 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2022-704,openSUSE-SLE-15.4-2022-704",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0704-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0704-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4BTHU2F626CTZYCXOBT5S7GWU3QXNTMZ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0704-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4BTHU2F626CTZYCXOBT5S7GWU3QXNTMZ/"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs8",
"tracking": {
"current_release_date": "2022-03-03T17:26:35Z",
"generator": {
"date": "2022-03-03T17:26:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0704-1",
"initial_release_date": "2022-03-03T17:26:35Z",
"revision_history": [
{
"date": "2022-03-03T17:26:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.aarch64",
"product": {
"name": "nodejs8-8.17.0-10.19.2.aarch64",
"product_id": "nodejs8-8.17.0-10.19.2.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"product_id": "nodejs8-devel-8.17.0-10.19.2.aarch64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.aarch64",
"product": {
"name": "npm8-8.17.0-10.19.2.aarch64",
"product_id": "npm8-8.17.0-10.19.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-docs-8.17.0-10.19.2.noarch",
"product": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch",
"product_id": "nodejs8-docs-8.17.0-10.19.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.ppc64le",
"product": {
"name": "nodejs8-8.17.0-10.19.2.ppc64le",
"product_id": "nodejs8-8.17.0-10.19.2.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"product_id": "nodejs8-devel-8.17.0-10.19.2.ppc64le"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.ppc64le",
"product": {
"name": "npm8-8.17.0-10.19.2.ppc64le",
"product_id": "npm8-8.17.0-10.19.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.s390x",
"product": {
"name": "nodejs8-8.17.0-10.19.2.s390x",
"product_id": "nodejs8-8.17.0-10.19.2.s390x"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.s390x",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.s390x",
"product_id": "nodejs8-devel-8.17.0-10.19.2.s390x"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.s390x",
"product": {
"name": "npm8-8.17.0-10.19.2.s390x",
"product_id": "npm8-8.17.0-10.19.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.19.2.x86_64",
"product": {
"name": "nodejs8-8.17.0-10.19.2.x86_64",
"product_id": "nodejs8-8.17.0-10.19.2.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"product": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"product_id": "nodejs8-devel-8.17.0-10.19.2.x86_64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.19.2.x86_64",
"product": {
"name": "npm8-8.17.0-10.19.2.x86_64",
"product_id": "npm8-8.17.0-10.19.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x"
},
"product_reference": "nodejs8-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.19.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.19.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.19.2.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.19.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64"
},
"product_reference": "npm8-8.17.0-10.19.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le"
},
"product_reference": "npm8-8.17.0-10.19.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x"
},
"product_reference": "npm8-8.17.0-10.19.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.19.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
},
"product_reference": "npm8-8.17.0-10.19.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:26:35Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:26:35Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:26:35Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:26:35Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:nodejs8-devel-8.17.0-10.19.2.x86_64",
"openSUSE Leap 15.3:nodejs8-docs-8.17.0-10.19.2.noarch",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.aarch64",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.ppc64le",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.s390x",
"openSUSE Leap 15.3:npm8-8.17.0-10.19.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-03T17:26:35Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
OPENSUSE-SU-2022:0657-1
Vulnerability from csaf_opensuse - Published: 2022-03-02 09:11 - Updated: 2022-03-02 09:11Summary
Security update for nodejs12
Notes
Title of the patch
Security update for nodejs12
Description of the patch
This update for nodejs12 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
openSUSE-SLE-15.3-2022-657,openSUSE-SLE-15.4-2022-657
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs12 fixes the following issues:\n\t \n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2022-657,openSUSE-SLE-15.4-2022-657",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0657-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0657-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NCH4EEBMT6XZIRNVGTNBOCQCY4JVZ4IN/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0657-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NCH4EEBMT6XZIRNVGTNBOCQCY4JVZ4IN/"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs12",
"tracking": {
"current_release_date": "2022-03-02T09:11:57Z",
"generator": {
"date": "2022-03-02T09:11:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0657-1",
"initial_release_date": "2022-03-02T09:11:57Z",
"revision_history": [
{
"date": "2022-03-02T09:11:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.aarch64",
"product": {
"name": "nodejs12-12.22.10-4.29.3.aarch64",
"product_id": "nodejs12-12.22.10-4.29.3.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"product_id": "nodejs12-devel-12.22.10-4.29.3.aarch64"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.aarch64",
"product": {
"name": "npm12-12.22.10-4.29.3.aarch64",
"product_id": "npm12-12.22.10-4.29.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-docs-12.22.10-4.29.3.noarch",
"product": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch",
"product_id": "nodejs12-docs-12.22.10-4.29.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.ppc64le",
"product": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le",
"product_id": "nodejs12-12.22.10-4.29.3.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"product_id": "nodejs12-devel-12.22.10-4.29.3.ppc64le"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.ppc64le",
"product": {
"name": "npm12-12.22.10-4.29.3.ppc64le",
"product_id": "npm12-12.22.10-4.29.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.s390x",
"product": {
"name": "nodejs12-12.22.10-4.29.3.s390x",
"product_id": "nodejs12-12.22.10-4.29.3.s390x"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.s390x",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.s390x",
"product_id": "nodejs12-devel-12.22.10-4.29.3.s390x"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.s390x",
"product": {
"name": "npm12-12.22.10-4.29.3.s390x",
"product_id": "npm12-12.22.10-4.29.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs12-12.22.10-4.29.3.x86_64",
"product": {
"name": "nodejs12-12.22.10-4.29.3.x86_64",
"product_id": "nodejs12-12.22.10-4.29.3.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"product": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"product_id": "nodejs12-devel-12.22.10-4.29.3.x86_64"
}
},
{
"category": "product_version",
"name": "npm12-12.22.10-4.29.3.x86_64",
"product": {
"name": "npm12-12.22.10-4.29.3.x86_64",
"product_id": "npm12-12.22.10-4.29.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-12.22.10-4.29.3.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-devel-12.22.10-4.29.3.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64"
},
"product_reference": "nodejs12-devel-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs12-docs-12.22.10-4.29.3.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch"
},
"product_reference": "nodejs12-docs-12.22.10-4.29.3.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64"
},
"product_reference": "npm12-12.22.10-4.29.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le"
},
"product_reference": "npm12-12.22.10-4.29.3.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x"
},
"product_reference": "npm12-12.22.10-4.29.3.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm12-12.22.10-4.29.3.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
},
"product_reference": "npm12-12.22.10-4.29.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:11:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:11:57Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:11:57Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:11:57Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:nodejs12-devel-12.22.10-4.29.3.x86_64",
"openSUSE Leap 15.3:nodejs12-docs-12.22.10-4.29.3.noarch",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.aarch64",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.ppc64le",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.s390x",
"openSUSE Leap 15.3:npm12-12.22.10-4.29.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-02T09:11:57Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
OPENSUSE-SU-2024:12723-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
grafana-9.3.6-1.1 on GA media
Notes
Title of the patch
grafana-9.3.6-1.1 on GA media
Description of the patch
These are all security issues fixed in the grafana-9.3.6-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12723
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "grafana-9.3.6-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the grafana-9.3.6-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12723",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12723-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
}
],
"title": "grafana-9.3.6-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12723-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.3.6-1.1.aarch64",
"product": {
"name": "grafana-9.3.6-1.1.aarch64",
"product_id": "grafana-9.3.6-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.3.6-1.1.ppc64le",
"product": {
"name": "grafana-9.3.6-1.1.ppc64le",
"product_id": "grafana-9.3.6-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.3.6-1.1.s390x",
"product": {
"name": "grafana-9.3.6-1.1.s390x",
"product_id": "grafana-9.3.6-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-9.3.6-1.1.x86_64",
"product": {
"name": "grafana-9.3.6-1.1.x86_64",
"product_id": "grafana-9.3.6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.3.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64"
},
"product_reference": "grafana-9.3.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.3.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le"
},
"product_reference": "grafana-9.3.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.3.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x"
},
"product_reference": "grafana-9.3.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.3.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
},
"product_reference": "grafana-9.3.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7753"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7753",
"url": "https://www.suse.com/security/cve/CVE-2020-7753"
},
{
"category": "external",
"summary": "SUSE Bug 1218843 for CVE-2020-7753",
"url": "https://bugzilla.suse.com/1218843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-7753"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0155"
}
],
"notes": [
{
"category": "general",
"text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0155",
"url": "https://www.suse.com/security/cve/CVE-2022-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1218844 for CVE-2022-0155",
"url": "https://bugzilla.suse.com/1218844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-9.3.6-1.1.aarch64",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.s390x",
"openSUSE Tumbleweed:grafana-9.3.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
}
]
}
OPENSUSE-SU-2022:0715-1
Vulnerability from csaf_opensuse - Published: 2022-03-04 08:37 - Updated: 2022-03-04 08:37Summary
Security update for nodejs14
Notes
Title of the patch
Security update for nodejs14
Description of the patch
This update for nodejs14 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Patchnames
openSUSE-SLE-15.3-2022-715,openSUSE-SLE-15.4-2022-715
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs14",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs14 fixes the following issues:\n\n- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153).\n- CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963).\n- CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962).\n- CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696).\n- CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2022-715,openSUSE-SLE-15.4-2022-715",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0715-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0715-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VAM6LOV2R24IH5PPUWLXB64PALLMBOTU/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0715-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VAM6LOV2R24IH5PPUWLXB64PALLMBOTU/"
},
{
"category": "self",
"summary": "SUSE Bug 1191962",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "self",
"summary": "SUSE Bug 1191963",
"url": "https://bugzilla.suse.com/1191963"
},
{
"category": "self",
"summary": "SUSE Bug 1192153",
"url": "https://bugzilla.suse.com/1192153"
},
{
"category": "self",
"summary": "SUSE Bug 1192154",
"url": "https://bugzilla.suse.com/1192154"
},
{
"category": "self",
"summary": "SUSE Bug 1192696",
"url": "https://bugzilla.suse.com/1192696"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2021-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32803 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32804 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3807 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3918 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3918/"
}
],
"title": "Security update for nodejs14",
"tracking": {
"current_release_date": "2022-03-04T08:37:55Z",
"generator": {
"date": "2022-03-04T08:37:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0715-1",
"initial_release_date": "2022-03-04T08:37:55Z",
"revision_history": [
{
"date": "2022-03-04T08:37:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.aarch64",
"product": {
"name": "nodejs14-14.19.0-15.27.1.aarch64",
"product_id": "nodejs14-14.19.0-15.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"product_id": "nodejs14-devel-14.19.0-15.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.aarch64",
"product": {
"name": "npm14-14.19.0-15.27.1.aarch64",
"product_id": "npm14-14.19.0-15.27.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-docs-14.19.0-15.27.1.noarch",
"product": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch",
"product_id": "nodejs14-docs-14.19.0-15.27.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.ppc64le",
"product": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le",
"product_id": "nodejs14-14.19.0-15.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"product_id": "nodejs14-devel-14.19.0-15.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.ppc64le",
"product": {
"name": "npm14-14.19.0-15.27.1.ppc64le",
"product_id": "npm14-14.19.0-15.27.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.s390x",
"product": {
"name": "nodejs14-14.19.0-15.27.1.s390x",
"product_id": "nodejs14-14.19.0-15.27.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.s390x",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.s390x",
"product_id": "nodejs14-devel-14.19.0-15.27.1.s390x"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.s390x",
"product": {
"name": "npm14-14.19.0-15.27.1.s390x",
"product_id": "npm14-14.19.0-15.27.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs14-14.19.0-15.27.1.x86_64",
"product": {
"name": "nodejs14-14.19.0-15.27.1.x86_64",
"product_id": "nodejs14-14.19.0-15.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"product": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"product_id": "nodejs14-devel-14.19.0-15.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm14-14.19.0-15.27.1.x86_64",
"product": {
"name": "npm14-14.19.0-15.27.1.x86_64",
"product_id": "npm14-14.19.0-15.27.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-14.19.0-15.27.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-devel-14.19.0-15.27.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64"
},
"product_reference": "nodejs14-devel-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs14-docs-14.19.0-15.27.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch"
},
"product_reference": "nodejs14-docs-14.19.0-15.27.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64"
},
"product_reference": "npm14-14.19.0-15.27.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le"
},
"product_reference": "npm14-14.19.0-15.27.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x"
},
"product_reference": "npm14-14.19.0-15.27.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm14-14.19.0-15.27.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
},
"product_reference": "npm14-14.19.0-15.27.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-23343"
}
],
"notes": [
{
"category": "general",
"text": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-23343",
"url": "https://www.suse.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1192153 for CVE-2021-23343",
"url": "https://bugzilla.suse.com/1192153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:37:55Z",
"details": "moderate"
}
],
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-32803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32803"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary `stat` calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the `node-tar` directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where `node-tar` checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass `node-tar` symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32803",
"url": "https://www.suse.com/security/cve/CVE-2021-32803"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191962"
},
{
"category": "external",
"summary": "SUSE Bug 1191963 for CVE-2021-32803",
"url": "https://bugzilla.suse.com/1191963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:37:55Z",
"details": "important"
}
],
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32804"
}
],
"notes": [
{
"category": "general",
"text": "The npm package \"tar\" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32804",
"url": "https://www.suse.com/security/cve/CVE-2021-32804"
},
{
"category": "external",
"summary": "SUSE Bug 1191962 for CVE-2021-32804",
"url": "https://bugzilla.suse.com/1191962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:37:55Z",
"details": "important"
}
],
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-3807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3807"
}
],
"notes": [
{
"category": "general",
"text": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3807",
"url": "https://www.suse.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "SUSE Bug 1192154 for CVE-2021-3807",
"url": "https://bugzilla.suse.com/1192154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:37:55Z",
"details": "important"
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2021-3918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3918"
}
],
"notes": [
{
"category": "general",
"text": "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3918",
"url": "https://www.suse.com/security/cve/CVE-2021-3918"
},
{
"category": "external",
"summary": "SUSE Bug 1192696 for CVE-2021-3918",
"url": "https://bugzilla.suse.com/1192696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:nodejs14-devel-14.19.0-15.27.1.x86_64",
"openSUSE Leap 15.3:nodejs14-docs-14.19.0-15.27.1.noarch",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.aarch64",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.ppc64le",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.s390x",
"openSUSE Leap 15.3:npm14-14.19.0-15.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T08:37:55Z",
"details": "important"
}
],
"title": "CVE-2021-3918"
}
]
}
GSD-2021-3807
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-3807",
"description": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"id": "GSD-2021-3807",
"references": [
"https://www.suse.com/security/cve/CVE-2021-3807.html",
"https://access.redhat.com/errata/RHSA-2022:0735",
"https://access.redhat.com/errata/RHSA-2022:0350",
"https://access.redhat.com/errata/RHSA-2022:0246",
"https://access.redhat.com/errata/RHSA-2022:0041",
"https://access.redhat.com/errata/RHSA-2021:5171",
"https://linux.oracle.com/cve/CVE-2021-3807.html",
"https://access.redhat.com/errata/RHSA-2022:4711",
"https://access.redhat.com/errata/RHSA-2022:4814",
"https://access.redhat.com/errata/RHSA-2022:5483",
"https://access.redhat.com/errata/RHSA-2022:5532",
"https://access.redhat.com/errata/RHSA-2022:5555",
"https://access.redhat.com/errata/RHSA-2022:6449",
"https://access.redhat.com/errata/RHSA-2022:6595"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-3807"
],
"details": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"id": "GSD-2021-3807",
"modified": "2023-12-13T01:23:34.995178Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2021-3807",
"STATE": "PUBLIC",
"TITLE": "Inefficient Regular Expression Complexity in chalk/ansi-regex"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "chalk/ansi-regex",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.0.1"
},
{
"version_affected": "\u003c",
"version_value": "5.0.1"
},
{
"version_affected": "!",
"version_value": "5.0.1"
}
]
}
}
]
},
"vendor_name": "chalk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1333 Inefficient Regular Expression Complexity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"name": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9",
"refsource": "MISC",
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20221014-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20221014-0002/"
}
]
},
"source": {
"advisory": "5b3cf33b-ede0-4398-9974-800876dfd994",
"discovery": "EXTERNAL"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=3.0.0 \u003c3.0.1||\u003e=4.0.0 \u003c4.1.1||\u003e=5.0.0 \u003c5.0.1||\u003e=6.0.0 \u003c6.0.1",
"affected_versions": "Version 3.0.0, all versions starting from 4.0.0 before 4.1.1, version 5.0.0, version 6.0.0",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-1333",
"CWE-937"
],
"date": "2023-07-10",
"description": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity",
"fixed_versions": [
"3.0.1",
"4.1.1",
"5.0.1",
"6.0.1"
],
"identifier": "CVE-2021-3807",
"identifiers": [
"CVE-2021-3807"
],
"not_impacted": "",
"package_slug": "npm/ansi-regex",
"pubdate": "2021-09-17",
"solution": "Upgrade to versions 6.0.1, 5.0.1, 4.1.1, 3.0.1 or above.",
"title": "Inefficient Regular Expression Complexity",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
],
"uuid": "d3380f7d-f611-46f0-8561-96d3a1eb9fa9"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ansi-regex_project:ansi-regex:6.0.0:*:*:*:*:node.js:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ansi-regex_project:ansi-regex:*:*:*:*:*:node.js:*:*",
"cpe_name": [],
"versionEndExcluding": "4.1.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ansi-regex_project:ansi-regex:5.0.0:*:*:*:*:node.js:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ansi-regex_project:ansi-regex:3.0.0:*:*:*:*:node.js:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2021-3807"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"name": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20221014-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221014-0002/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-07-10T19:01Z",
"publishedDate": "2021-09-17T07:15Z"
}
}
}
GHSA-93Q8-GQ69-WQMW
Vulnerability from github – Published: 2021-09-20 20:20 – Updated: 2023-09-11 16:42
VLAI?
Summary
Inefficient Regular Expression Complexity in chalk/ansi-regex
Details
ansi-regex is vulnerable to Inefficient Regular Expression Complexity which could lead to a denial of service when parsing invalid ANSI escape codes.
Proof of Concept
import ansiRegex from 'ansi-regex';
for(var i = 1; i <= 50000; i++) {
var time = Date.now();
var attack_str = "\u001B["+";".repeat(i*10000);
ansiRegex().test(attack_str)
var time_cost = Date.now() - time;
console.log("attack_str.length: " + attack_str.length + ": " + time_cost+" ms")
}
The ReDOS is mainly due to the sub-patterns [[\\]()#;?]* and (?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "ansi-regex"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "ansi-regex"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "ansi-regex"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "ansi-regex"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-3807"
],
"database_specific": {
"cwe_ids": [
"CWE-1333",
"CWE-697"
],
"github_reviewed": true,
"github_reviewed_at": "2021-09-20T18:56:22Z",
"nvd_published_at": "2021-09-17T07:15:00Z",
"severity": "HIGH"
},
"details": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity which could lead to a denial of service when parsing invalid ANSI escape codes.\n\n**Proof of Concept**\n```js\nimport ansiRegex from \u0027ansi-regex\u0027;\nfor(var i = 1; i \u003c= 50000; i++) {\n var time = Date.now();\n var attack_str = \"\\u001B[\"+\";\".repeat(i*10000);\n ansiRegex().test(attack_str)\n var time_cost = Date.now() - time;\n console.log(\"attack_str.length: \" + attack_str.length + \": \" + time_cost+\" ms\")\n}\n```\nThe ReDOS is mainly due to the sub-patterns `[[\\\\]()#;?]*` and `(?:;[-a-zA-Z\\\\d\\\\/#\u0026.:=?%@~_]*)*`",
"id": "GHSA-93q8-gq69-wqmw",
"modified": "2023-09-11T16:42:11Z",
"published": "2021-09-20T20:20:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8"
},
{
"type": "WEB",
"url": "https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908"
},
{
"type": "PACKAGE",
"url": "https://github.com/chalk/ansi-regex"
},
{
"type": "WEB",
"url": "https://github.com/chalk/ansi-regex/releases/tag/v6.0.1"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221014-0002"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Inefficient Regular Expression Complexity in chalk/ansi-regex"
}
FKIE_CVE-2021-3807
Vulnerability from fkie_nvd - Published: 2021-09-17 07:15 - Updated: 2024-11-21 06:22
Severity ?
Summary
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
References
| URL | Tags | ||
|---|---|---|---|
| security@huntr.dev | https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| security@huntr.dev | https://security.netapp.com/advisory/ntap-20221014-0002/ | Third Party Advisory | |
| security@huntr.dev | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221014-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ansi-regex_project | ansi-regex | * | |
| ansi-regex_project | ansi-regex | 3.0.0 | |
| ansi-regex_project | ansi-regex | 5.0.0 | |
| ansi-regex_project | ansi-regex | 6.0.0 | |
| oracle | communications_cloud_native_core_policy | 1.15.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ansi-regex_project:ansi-regex:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "AD9CD917-1204-4B9C-960B-A6CF0380E660",
"versionEndExcluding": "4.1.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ansi-regex_project:ansi-regex:3.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "9F3A897D-6080-4F7A-8913-A11F0E9E7C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ansi-regex_project:ansi-regex:5.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "E67C63BE-EF70-4794-92BF-CF0323DB2AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ansi-regex_project:ansi-regex:6.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "0A72DB85-ED1D-4A67-9E13-E57A08185A47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4367D9B-BF81-47AD-A840-AC46317C774D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ansi-regex is vulnerable to Inefficient Regular Expression Complexity"
},
{
"lang": "es",
"value": "ansi-regex es vulnerable a una Complejidad de Expresiones Regulares Ineficientes"
}
],
"id": "CVE-2021-3807",
"lastModified": "2024-11-21T06:22:29.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security@huntr.dev",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-17T07:15:09.273",
"references": [
{
"source": "security@huntr.dev",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221014-0002/"
},
{
"source": "security@huntr.dev",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221014-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "security@huntr.dev",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…